Overview
By default, a firewall blocks all network traffic coming in to the network it is protecting. For the campus firewall this means that no traffic from the Internet can get on the Missouri State campus network without explicit permission. To permit traffic through the firewall we create exceptions (or rules) that allow certain traffic on the network. The rules are defined by the IP addresses of the sender and receiver of the traffic as well as the type of traffic (e.g. web or SSH).
Firewall exceptions are tightly regulated to protect the University network. Every exception is a potential security vulnerability so we limit them to only those that are absolutely needed. All University affiliates (students, faculty, staff and emeritus) can have access to use the VPN to connect to on-campus resources when they are off-campus. For this reason, only services that are intended for people not affiliated with the university will be allowed firewall exceptions.
Most services (e.g. HTTP and SSH) will be approved provided sufficient justification. There are, however, at least two exceptions. Telnet and FTP are both considered "insecure protocols" and will not be approved as firewall exceptions. These protocols do not encrypt the user ID or password making it much easier for an attacker to compromise the security of the server and the University network.
Only a computer functioning as a server will be considered for a firewall exception. A computer being used as an individual's workstation does not qualify as this is more vulnerable to malware, virus infections, and other programs that can impact the security of the University network.
Eligibility
Firewall exceptions are available for full-time faculty and staff.
Cost
There is no cost for this service.