The Information Security Team manages all campus and data center firewalls. The University’s modern firewalls deliver visibility and control over applications, servers, users, and content using a highly optimized hardware and software architecture. For this reason, we strictly monitor and control the rules allowing communication in and out of campus. However, if you believe your application or server needs to be exempted from a firewall rule, please open a firewall exception request ticket. Keep in mind to limit risk and reduce the attack surface:
- Every Firewall Exception increases the risk to DU networks, systems, and applications - DU VPN should be used whenever possible.
- Information Security will deny requests for Firewall Exceptions if they violate required compliance guidelines or put the University at significant risk.
- DU Systems included in the request will be scanned by network and/or application security tools prior to implementing the Firewall Exception Request - all vulnerabilities must be corrected before the Exception is implemented.
- All Firewall Exception Requests are subject to annual review and Information Security may request updated information as part of the annual review cycle.
- All System and Application Owners are responsible for maintaining appropriate security updates, patches, configuration, etc., on their respective systems - if a vulnerability is detected it must be corrected or the Firewall Exception Request will be removed
If you have more questions about firewall exception requests, please contact the Information Security Team.