Skip Navigational Links
Oregon State University: Open Minds, Open Doors. OSU HomeoCampus CalendaroFind SomeoneoMapsoSite Index
Prospective StudentsoCurrent StudentsoFaculty & StaffoAlumni & FriendsoVisitors

Network Engineering


Home

Status

Network Info

Security

Services

DCA Resources

Docs/Policy

Gallery

NET Blog

Site Map

Contact Us

[search help]

Oregon State University
Kerr Admin B211
Corvallis, OR 97331


Abilene


Internet2 Member
Start of Content

OSU Firewall Information

Firewall Progress Meter

By Subnets

By IPs in Use

By IPs Allocated

Firewall Design

Network Engineering has implemented a firewall design with the following goals in mind:

  • High availability, performance and redundancy.
  • Usability of the network preserved without creating barriers to information sharing.
  • Distributed control of firewall rulesets to Colleges/Departments.

Our current strategy is to configure a separate services firewall context for each department. Machines in a "services" network are those that need to provide services to off-campus or non-firewalled hosts. Rulesets for each departmental services subnet are then managed by the department.

Workstations are placed behind the Enterprise Firewall, which denies all inbound connections. No outbound connections are restricted. Some access to workstations behind the firewall will be enabled via the VPN for services such as RDP or SSH.

Frequently Asked Questions

Q: Will I be able to access my workstation from home via Remote Desktop or SSH after it has been moved behind the firewall?
A: Yes, you will be able to use the VPN to access your workstation remotely.

Q: For servers behind the firewall, if I don't want to allow outbound port 80 access, how do I use proxy?
A: Most applications support a proxy server and are easy to configure. For those that don't, you may be able to use an environment variable to specify the proxy server. For example, in bash, do: export http_proxy='http://proxy.oregonstate.edu:3128'

Q: For servers behind the firewall, if I block outbound access, how can I do SVN via Proxy?
A: SVN supports proxy and our proxy servers are configured to allow the needed methods. Instructions for SVN are here: http://subversion.tigris.org/faq.html#proxy

List of Departmens Behind the Firewall

The following groups and departments have moved all or part of their systems behind the campus firewall:

  • College of Business
  • College of Forestry
  • Fisheries & Wildlife
  • College of Science
  • CGRB
  • Community Network - Technology Support Services
  • Student Health Services
  • ResNet
  • Athletics
  • Enterprise Computing Services - Banner, ONID, Blackboard
  • Milne Computing Center
  • Network Engineering
  • Registration and Enrollment

Network Engineering, Oregon State University, Corvallis, OR 97331.
Contact us with your comments and questions. - ((541)737-3474)
Copyright 2004, Oregon State University | Disclaimer.