University of Vermont

CALS Information Technology Office

6/6/2002

DD&C Announcement: Firewall to protect UVM network

[For Deans, Directors & Chairs list.]

As announced last year, the University has installed a firewall to help protect the UVM network from external attack. Testing with volunteers and residential halls has been underway for some time. Over the summer we will be moving forward with full implementation of the firewall.

Why are we writing to Deans, Directors and Chairs?

Though most people will see no effect from the firewall, departments who rely upon external access to departmental computers providing Web, email and other services could be affected. Unless the server administrator requests and receives a firewall protection waiver, access to those services will not be possible from outside UVM's own network.

Note that the deadline for firewall waivers is June 30 (see below).

Details of firewall plans are on the Web at:

http://www.uvm.edu/networksecurity/

Who will be affected by the firewall?

Most people will see no effect from the firewall. The firewall does not restrict content; it protects computers "behind the firewall" from certain types of access from outside of UVM.

The firewall will affect:

* Computers on the Internet (off campus) won't be able to access campus Web, email, ftp and other services (except servers for which a waiver has been granted, such as www.uvm.edu / Zoo).

* Some niche applications. For example, we have seen problems with person-to-person services such as NetMeeting and some Internet "telephone" applications.

The firewall should not affect:

* Any access from on-campus to Web and other servers anywhere

* Access from anywhere to Web pages you publish on Zoo

* Access from anywhere to files you store on Zoo

* Access from anywhere to email services on Zoo

* Text-based chat

When will this happen?

In addition to selective testing and residence halls, we will begin extending firewall protection to the remaining buildings in July of 2002. Current plans call for a rolling implementation by building or group of buildings. More specific notice will be sent to appropriate lists as specific deployment decisions are made.

What do I need to do if my department needs to run our own server?

If the services offered on your server will be used only from the UVM network, then you do not need to do anything.

However, if your department needs to provide off-campus access to any departmental servers providing web, email, ftp, file or other services, then the system administrator must complete a Firewall Waiver form prior to June 30, 2002 if the server is to continue to be accessible from off-campus.

For more information or to fill out the Firewall Waiver Form please see:

http://www.uvm.edu/networksecurity/main/?Page=waiver.php

Note that servers receiving a waiver must be adequately managed and secured. If your department does not have the resources to secure your server, you should consider using institutional servers that have been and will continue to be properly secured.

In order to accommodate servers which will require firewall waivers, many locations will require network infrastructure upgrades. [Such upgrades are typically funded by departments.] Therefore, it is extremely important that Firewall Waiver forms are submitted by the end of June. Waiver requests which are received after this date may not be granted prior to the implementation of the firewall.

If you have questions or concerns about this change, please send email to cit@uvm.edu

Note: For more information about the UVM firewall visit these links:

Contact UVM © 2014 The University of Vermont - Burlington, VT 05405 - (802) 656-3131