Print

Firewall Usage Policy

 

Policy No.:ETP-18-3                                                                                                                                                                                              Effective:03/18/12


DEFINITIONS

KSAU-HS               King Saud bin Abdulaziz University for Health Sciences

UNIVERSITY          King Saud bin Abdulaziz University for Health Sciences

EDUTECH               CorporateOffice of Educational Technology Services

DIRECTOR             Director of the Corporate Office of Educational Technology Services

IT                          Information Technology

PURPOSE

This policy is designed to ensure that connections to the Internet by KSAU-HS computer systems are safe from intrusion by unauthorized individuals from outside the University. It is also designed to prevent unauthorized and unprotected connections to the Internet that may allow a variety of unsafe content to enter the University network and compromise data integrity and system security across the entire network.

SCOPE

The policy applies to all KSAU-HS computer systems that are connected to the Internet. This includes connections made via the corporate network, modem connections using telephone lines, and wireless connections of any kind.

REFERENCE

  • POLICY ITP-18-1 Internet Connection Policy
  • POLICY ITP-18-2 Wi-Fi Hotspot Internet Access Policy
  • POLICY ITP-18-4 Internet Acceptable Use Policy

POLICY

  • All networks or systems connected to the public Internet must be protected by a firewall that is configured using the following default settings:
  • All outgoing traffic irrespective of source is only allowed through approved KSAU-HS internet proxy server.
  • All valid incoming packets "related" to the outgoing packets are allowed.
  • All outgoing traffic from internet proxy server is allowed.
  • All outgoing traffic related to video streaming, peer-to-peer file sharing (P2P), instant messaging and social sites are blocked by default.
  • All incoming packets destined to servers are allowed on service ports through IP address and port mapping.
  • All other (incoming/outgoing) packets are blocked by default.
  • All requests for modifications to the above default policy settings must be reviewed and approved first by the Network Manager.

Approved By:
Director Corporate, Educational Technology Service
King Saud bin Abdulaziz University for Health Sciences

 

Related Links