Educause Security Discussion mailing list archives
Re: Exception handling processes on Default Deny Firewall
From: "James M. Driskell" <jdriskell () UPS EDU>
Date: Wed, 2 Feb 2005 09:39:03 -0800
Hi Kim, We've had a default deny firewall in place for several years now, and of course, it generates requests for exceptions. Most of the exceptions come from the students, so we ask them to justify their request in academic terms and do the research to determine which ports and services are required to support the exception. We generally don't approve gaming requests but this policy is subject to review. The requests for exceptions start at our Help Desk. Jim Driskell Network Manager University of Puget Sound -----Original Message----- From: The EDUCAUSE Security Discussion Group Listserv [mailto:SECURITY () LISTSERV EDUCAUSE EDU] On Behalf Of Cary, Kim Sent: Wednesday, February 02, 2005 9:21 AM To: SECURITY () LISTSERV EDUCAUSE EDU Subject: [SECURITY] Exception handling processes on Default Deny Firewall I would like to thank all those who replied to my message:
Subject: Re: Preparing for Default Deny Firewall
I'm storing, sorting and categorizing your replies - some are technical, some procedural. All are GREATLY appreciated. I'm concerned that this go well, both before and after implementation. I'm especially looking for help with mechanisms to handle exceptions... when someone wants a port opened _after_ we implement. How do you vet, approve/deny & who gets the final say, where to your customers stow their request? What info is required to stow the request or do you send a consultant for each one? I do appreciate you editing your replies to only quote the appropriate part of my message (if needed) so I don't feel like I'm spamming the list ;-). Kim Cary Infrastructure Security Administrator Pepperdine University ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/. ********** Participation and subscription information for this EDUCAUSE Discussion Group discussion list can be found at http://www.educause.edu/groups/.
Current thread:
- Exception handling processes on Default Deny Firewall Cary, Kim (Feb 02)
- <Possible follow-ups>
- Re: Exception handling processes on Default Deny Firewall James M. Driskell (Feb 02)