The initial configuration assumes that all inbound connections from outside Penn State Shenango are un-trusted, and therefore blocked with exceptions. All outbound connections, initiated by the user, are permitted through the firewall. The following exceptions have been researched thus far and are to be placed into the active exceptions.
- OAS Printing
- SOS Security Scanning
- IPAS Scanning
- DCE Authentication
If more specific rule inquiries are needed please contact the I.T. Department at [email protected].
Request for Exceptions to Firewall Security
It is recognized that a firewall can restrict certain activities on the network and Internet at large that are necessary to conduct the teaching, research, and outreach functions of the College. Therefore a request can be made to the I.T. Department create an exception to the firewall rules. The procedure for requesting an exception is as follows:
- The specific need for the exception and port(s) to be opened with justification for each.
- The Internet name and address of the computer(s) for the exception.
- The name, phone number, and email address of the information technology staff person responsible for administration of the computer(s). If staffing changes leave an excepted server unmanaged the exception(s) may be removed if an unreasonable security risk arises from the system remaining unmanaged.
- Security measures in force on the system including password policy, auditing policy, antivirus software (if any), and any additional security related software and/or settings of the machine.
- A statement to the effect that the owner of the computer(s) “understands that the computer(s) will be disconnected from the network and the port(s) granted the exception will be closed if a security incident occurs with that computer, contact information for the technology staff person responsible for the computer is not kept current, or security patches are not being applied in a timely manner.”
Exceptions may not be granted for a request that the I.T. Department considers too vulnerable to attack or for operating systems and applications without a proven record of adequate security.