2.01.01 Network Firewall - Border Control
I. Purpose
This procedure documents how Bradley University utilizes the firewalls and border routers to protect campus network resources from unauthorized users and malware.
Policy Supported
Supports 2.01 Network Firewall - Border Control
II. Description
Bradley University will continue to comply with regulations and follow industry best practices by utilizing firewalls to segment the University network into security zones.
Firewall Security Zones
The network is segmented into zones, each with an assigned purpose. Devices are added to a specific zone based on who the user is, the protection needed for the device or the data that resides on it, and the required access to other network resources.
Firewall Policies
The firewall enforces zone segmentation with policies. Policies on the firewalls are used to allow a device or devices in one zone to initiate network communications with a device or devices in another zone. All other traffic traversing security zones is denied.
Border Router Access Control Lists (ACLs)
Access Control Lists on the border routers provide a layer of security in addition to the firewalls to protect all zones of the campus network from unwanted activity from the Internet.
Device Level Protection
Many other devices on the campus network also run a locally installed host-based firewall, which provides an additional layer of protection.
III. Scope
This procedure applies to all Bradley University network resources at the main campus and the remote campuses.