Educause Security Discussion mailing list archives

Firewall - Egress Policy


From: Chris Golden <cgolden () LEEUNIVERSITY EDU>
Date: Mon, 4 Sep 2006 11:10:21 -0400

I am struggling to keep up with outbound firewall rules pertaining to
games and other gaming apps (i.e. Ventrilo, TeamSpeak, PS2, Xbox Live).
We have a policy allowing approved gaming ports to be opened after 5pm
M-F and all day on the weekends.  However, as more and more games come
out requiring 4,000+ ports I am starting to think this is pointless.  I
see the need for filtering out certain ports such as SMTP, SNMP, MS RPC,
NetBIOS, SMB/IP, TFTP, IRC (6000-6999), but it would be easier to create
rules for these ports and allow others.

What are some of your thoughts/policies on this?

Thanks,
Chris

Chris Golden, GCIH
Coordinator of Network Services
Lee University - IS&T
http://www.leeuniversity.edu
Office: 423.614.8020
