Skip to main content

Network firewalls help protect UNC-Chapel Hill

 

By

October is Cybersecurity Awareness Month, a national campaign now marking its 18th year. In conjunction with other efforts to promote online safety and security, ITS will share cybersecurity tips, resources, and stories about how the Information Security Office works to help keep us and the University safe.

In this Q&A, Michael Williams, Network Security Team Lead with the Information Security Office, tells us about campus firewalls and what they do to reduce risk.

Michael Williams
Michael Williams


 What is a network firewall?

A network firewall is a device used to block unwanted network traffic so that it does not affect computers or resources. My favorite metaphor for a firewall is to think of it as the moat around a castle. By default, no one can get across the moat. The only way to get in is for the castle guards to lower the drawbridge — and for that, we need to be someone they know and trust.

A firewall works much the same way: traffic from outside your network is blocked by default, and only known, trusted traffic is allowed in. Of course, some things need to be open to the world, such as a web server for a public site. Other things need to be more closely protected, such as a user’s desktop computer. Our firewalls apply very specific and complex logic to the traffic it inspects so that the web server is reachable, and the user’s computer is not.

Our campus network firewalls block hundreds of millions of unwanted network connections each day. In any given month, our firewalls block about 40% of the traffic sent to hosts they protect.

Does the firewall have more advanced features than basic firewall rules?

Yes, the campus firewall service includes several technologies you may hear referred to as “next-generation firewall” or “NGFW” features. Those protections use a combination of factors to recognize both known attacks and more generalized pattern recognition to identify network traffic often associated with common types of exploits. That allows the firewall to spot an attempt to break in to on-campus servers, workstations and “internet of things” devices even if no one has seen that particular attempt before.

What if I as a campus firewall client need to allow something through the firewall?

For that, submit a request in ServiceNow or ask the ITS Service Desk to do so on your behalf. We’ll have a few questions, and there will be some specific technical information we’ll need, but we’ll work with you to get that information and get the new access granted in a secure manner.

Are there risks or attacks the firewall can’t stop?

Absolutely, yes! Even with the campus firewall service, we all need to do certain things to reduce risk to ourselves and everyone else:

  • Keep your systems up to date. This goes for both University-owned computers and devices and your own personal computers and devices.
  • Use the VPN when you need to access campus resources, even if VPN access isn’t required.
  • Stay up to date on the latest guidance for recognizing phishing emails and reporting them to ITS.
  • Use LastPass to store, protect and generate passwords securely.

And, of course, it never hurts to listen to Data @ Rest, the Information Security Office’s podcast!

Comments are closed.