Firewall Ruleset Enhancement Initiative

Published:

Firewall rules are like a strong, reliable gatekeeper for your computer or network. They help protect your precious digital information from unwanted visitors and potential harm. Just as you lock your doors and windows to keep your home safe, firewall rules act as a digital barrier, carefully allowing in only the trusted and authorized connections while blocking out any suspicious or harmful activity. By setting up these rules, you can control what goes in and out of your digital space, ensuring that your personal data and sensitive information stay secure and shielded from online threats. With this in mind and in alignment with the goals of the University’s Information Security Program, we are actively reviewing existing firewall rules and systematically making improvements by means of the following process: 

1. Identify networks that have high-risk network firewall rules for prioritized review and improvement.*

2. Review services on those networks that are externally exposed in an effort to proactively identify needed exceptions in cooperation with the appropriate IT Partner(s).

3. Notify the appropriate IT partner and functional leadership with the date that the new ruleset will be deployed (usually two weeks from the point of notification) and encourage proactive registration for any internet-facing exceptions via service.stonybrook.edu

4. Review current network traffic to identify services that may need exceptions that were not previously identified.

5. Implement a new firewall ruleset and promptly resolve any exceptions that were not proactively identified. *If a high risk host is identified on a network that is publicly exposed to the internet, that network will be prioritized for a firewall ruleset enhancement review 

If you have any questions or need additional support, you can contact our department by opening a service request at service.stonybrook.edu or by calling (631) 632-9800. 

Security Training and Awareness Working Group 

Stony Brook University

 

For More Information Contact


Information Security Team