Frequently Asked Questions - Shared Firewall Service

Is this service suitable for me?

Yes, if: 

  • Your service contains printers and workstations only.
  • You don't have any custom rules.
  • You don't have techincal staff who can configure your firewall rules. 
  • Your security needs are not extnensive. 

No, if: 

  • Your subnet(s) hosts servers and services used outside the firewall.

  • You host sensitive data.

  • You have regulatory or contractual obligations to safeguard data that resides on your  network.

Can I make customizations to the shared firewall rules?

No. Customizations are not made for individual departments. However it is an evolving service and changes will be made if necessary to support the general needs of campus workstation computing.

Are there any drawbacks to using this service?

  • This service should not be used if you store restricted data.

  • Rules and profiles in the shared firewall are not customizable.

  • The only services on the protected side of the firewall that can be access from the unprotected side are printing and remote desktop services. These services can only be accessed from non-Calvisitor campus addresses.

  • Campus vulnerability scanners are allowed and there will be no firewall exceptions for devices that have issues with scanning

What are the benefits of using this service?

  • You don’t need to write your own firewall rules.

  • You don’t need to define security profiles.

  • Increased security using profiles that block systems from connecting to or receiving traffic from known bad addresses

  • Malicious content (spyware, attempts to exploit known vulnerabilities, etc.) will be stopped by the firewall