Penn State home
Engineering
About the College
CEDCC Home
 

Main Policy Page
Acceptable Use Policy
Password Policy
Anti-virus Policy
Remote Access Policy

Lab Anti-virus Policy
Account Audit Policy
Server Security Policy
Standard Firewall Rules Policy
Firewall Rules Exceptions Policy
Virtual Private Network Policy
Wireless Communications Policy
Remote Access Policy
Backup Policy
Incident and Disaster Tolerance/Response Policy
High Performance Cluster Policy and Procedures

 

 
College of Engineering --- Standard Firewall Rules: COE–FRP–01  
 

The initial configuration assumes that all inbound connections from outside the College of Engineering are un-trusted, and therefore blocked with exceptions.  The following exceptions have been researched thus far and are to be placed into the active exceptions.

 

Service

Port

Functionality

SSH

22,  989, 990, 992, 993, 995

Provides encrypted channel for various, otherwise unencrypted services.

HTTP/HTTPS*

80, 443, 8080

Web services and secure web services

Streaming Media*

7070, 554

Hosting of Streaming Media

DNS*

53

Domain Name Service

SMTP*

25

Simple Mail Transfer

TSM Backup^

1500

Server initiated backups from University

FIT

ALL

128.118.1.137, 118.118.141.3

SOS Scanner

ALL

146.186.7.17

DFS

ALL

University DFS Servers

DCE^

ALL

University DCE server - 128.118.141.33, 128.118.141.34   146.186.5.98

DCS

ALL

University DCS Servers

OAS Printing

ALL

University OAS Servers

 

*Indicates the exceptions will be made for only approved servers
^Indicates the exceptions will be made for allowed external hosts only

All other inbound connections are disallowed and must be tunneled through a secure VPN connection.  That is, unless an exception is approved (see Exception Process below).

Conversely, all outbound initiated traffic is allowed with the following exceptions and reasoning:

Service

Port

Reason for restriction

SMTP

25*

Prevents installation of unauthorized SMTP servers that may be used as dissemination points for malicious code or spam

Kazaa

1214

Blocks P2P software used primarily to exchange copy written material

 

Last updated: 11/3/2006

 
 

Communications & Computing | Electronic Design | ECS Home Page | COE Home Page

© All Rights Reserved by The Pennsylvania State University, College of Engineering | Text Only Version
E-mail problems or comments to Webmaster