The Institutional Firewall

To protect the Campus network from threats on the public Internet, there is a firewall at the boundary between the Campus network and the Internet.

Firewall Policy

The campus border firewall operates a 'default deny' policy. This means that only traffic that has been specifically permitted is allowed through the firewall. The standard level of service offered to a machine on campus is to have no access through the campus border firewall, any connections to the Internet must go through the campus proxy servers.

Outgoing Access

Some machines on campus require a direct outgoing connection to the Internet. In the context of the campus border firewall, outgoing access means that the campus machine is acting as a client connecting to an external server, for example an FTP server out on the public Internet. This access is controlled by granting a machine the 'Internet Access' class of service, which may still be known in some places by the legacy term 'JIPS'. Please see the Systems Security and Network Access and Management policy for how to request the 'Internet Access' class of service.

Incoming Access

In the context of the campus border firewall, incoming access means a server on campus offering a service to clients out on the public Internet. All services that are accessible from the Internet must be registered with the firewall, the ability to register services in this way has been delegated out to departmental IT staff. If you are setting up a server that needs to be accessible from the Internet, please contact your departmental IT staff who will be able to arrange the appropriate access to be opened up. If your department doesn't have any IT staff, please email the IT Help Desk with the details of the server, including its IP address. Departmental IT staff wishing to become delegated firewall admins should complete and return the below form.

Application forms.

In order to satisfy audit requirements, the right to register services will only be granted to Faculty, School and Departmental IT staff who have been authorised by the relevant Faculty IT Manager (or equivalent). Please read the Firewall Administrators Charter (in related documents) for the terms of use, then use the application form (in related documents) to apply.

If you have any questions or requests for information regarding the campus border firewall, please contact the IT Help Desk