Educause Security Discussion mailing list archives
Re: Firewall - Egress Policy
From: Gary Flynn <flynngn () JMU EDU>
Date: Mon, 4 Sep 2006 13:13:46 -0400
Chris Golden wrote:
I am struggling to keep up with outbound firewall rules pertaining to games and other gaming apps (i.e. Ventrilo, Teamspeak, PS2, Xbox Live). We have a policy allowing approved gaming ports to be opened after 5pm M-F and all day on the weekends. However, as more and more games come out requiring 4,000+ ports, I am starting to think this is pointless. I see the need for filtering out certain ports such as SMTP, SNMP, MS RPC, NetBIOS, SMB/IP, TFTP, IRC (6000-6999), but it would be easier to create rules for these ports and allow others. What are some of your thoughts/policies on this?
We use Packeteer Packetshapers to help reserve bandwidth for traditional production applications and change policies at 10PM.

--
Gary Flynn
Security Engineer
James Madison University
www.jmu.edu/computing/security