Firewalls are used to permit or deny network traffic as it passes from the Internet into the campus, based on implied and explicit rules. On January 6th, 2009, CIT integrated a stateful firewall into our network. The firewall has added an additional layer of protection to every desktop computer, server and network device on campus.
Our firewall permits the most common types of network traffic to enter the campus network. It also permits any traffic that is coming into campus in response to a request from a computer on the campus network. When people browse the web or connect to specific Internet resources, the reply from the Internet will be permitted to enter the campus network.
The firewall prevents any network traffic coming into campus that is not a response to a request from a Geneseo computer. It also blocks uncommon network traffic coming into campus which has not already been explicitly permitted.
Furthermore, the firewall behaves differently based on the destination of the inbound traffic. Different rules apply based on where the traffic is destined: offices, classrooms, labs, residence hall rooms or server areas.
CIT examined the services we offer to the campus community before activating the firewall. Most applications that community members use from home have been explicitly permitted in the firewall. Applications that we have not explicitly permitted in the firewall will be available by first using the campus VPN service. If you are unable to access a service or system from off-campus, start a VPN connection and try again.
If you experience unusual network issues that you suspect might be related to the firewall activation, please contact your TSP or the CIT HelpDesk at 245-5588. We will work with you to explore alternatives or as a last resort, adjust the firewall.
Thank you for your support as we strive to improve the safety of computing at SUNY Geneseo.