Firewalls

Printer-friendly versionPrinter-friendly version

There are two types of firewalls: personal firewalls and network based firewalls. Personal firewalls are deployed on your personal computer, server, or other networked device. Personal firewalls are intended to prevent unsolicited traffic from accessing your computer. It is required that each 4J computer have the personal firewall enabled and configured. Information on how to enable and configure your personal firewall can be found here:

How to enable and configure personal firewalls.


Network Based Firewalls

Network Services provides network based firewall services that are intended to prevent unsolicited, and frequently malicious, traffic from the Internet at large from hitting the District's network. In addition the firewalls prevent 4J computers from sending unsolicited traffic to the Internet. By default, a small list of TCP/IP ports associated with frequently vulnerable services are blocked at 4J's network border.


Intrusion Detection and Prevention

Network Services also provides Intrusion Detection and Prevention services as an integral part of the firewall services. Network based intrusion detection attempts to identify unauthorized, illicit, and anomalous behavior based solely on network traffic. When Intrusion detection takes a preventive measure without direct human intervention, then it becomes an Intrusion-prevention system.1

1Wikipedia: http://en.wikipedia.org/wiki/Intrusion_detection



Support and Maintenance

Network Services:

  • Responds to firewall monitoring alerts and client-reported problems. During non-business hours, support will be provided when either the hardware or infrastructure software is unavailable, or the ability to use these resources is severely degraded across the district.
  • Troubleshoots and resolves system-related problems.
  • Monitors vendor resources for any required operating system patches or upgrades.
  • Monitors vendor resources for any required hardware upgrades.
  • Troubleshoots and resolves 4JNet infrastructure-related issues.


  • References

    http://www.sans.org/resources/idfaq/
    http://csrc.nist.gov/publications/nistpubs/800-94/SP800-94.pdf