Firewall Policy: IV
The SPC gateways are protected by external firewalls between the Internet and the SPC network to establish a secure environment for the College’s information technology resources. Internal firewalls are in place to establish secure communications between different segments of the College’s network where different levels of security are warranted. Firewalls are enabled and configured on servers and workstations that are attached to the college’s internal network.
SPC’s firewalls are key components of the College’s network security architecture. The Firewall Policy governs how the firewalls will filter traffic to mitigate the risks and losses associated with security threats to SPC’s information technology resources. This policy will attempt to balance risks incurred against the need for access.
The purpose of this policy is to protect SPC’s information technology resources from hacking and virus attacks by restricting access to information technology resources on the College campus. It is designed to minimize the potential exposure of SPC to the loss of sensitive confidential data, intellectual property, and damage to public image which may follow from unauthorized use of SPC’s information technology resources.
The Firewall Policy applies to all firewall devices owned and/or operated by SPC.
The perimeter firewall permits the following outbound and inbound Internet traffic:
- Outbound - All Internet traffic to hosts and services outside SPC’s networks except those specifically identified and blocked as malicious sites.
- Inbound - Allow Internet traffic that supports the mission of the institution and is in accordance with defined system, application and service procedures.
- Outbound/Inbound – All internet traffic detected as malicious by the College’s intrusion prevention system (IPS) and/or all traffic violating SPC firewall policies is dropped.
Reason for filtering ports:
- Protecting SPC Internet Users - Certain ports are filtered to protect SPC information technology resources. The perimeter firewall protects against certain common worms and from dangerous services on SPC information technology resources that could allow intruders access.
- Protecting our outbound bandwidth - If SPC Internet users overuse their outbound bandwidth by running high-traffic servers or by becoming infected with a worm or virus, it can degrade the service of other SPC systems.
- Protecting the rest of the Internet - Some filters prevent users from both knowingly or unknowingly attacking other computers on the Internet. In addition to being in SPC’s interests for protecting our bandwidth, it is the institutions’ responsibility to prevent abuse of its network.
Roles and Responsibilities:
The Information Security Office is responsible for implementing, configuring and maintaining SPC’s firewalls and for activities relating to this policy.
- At a minimum, firewalls must be annually tested and reviewed.
- When there are major changes to the network requirements, firewall security policies will be reviewed and may warrant changes.
- Firewalls must have alert capabilities and supporting procedures.
- Auditing must be active to permit analysis of firewall activity.
Related Policies, References and Attachments:
An index of approved SPC-IS policies can be found on the SPC Policies website at https://www.southplainscollege.edu/human_resources/policy_procedure. The SPC Information Security Program and SPC Information Security User Guide are also available on the Information Technology Services Policies website.
DIR Security Controls Catalog Control Group: SC-1
Approved by: Executive Council, April 4, 2019
Next Review: October 1, 2020