Printed on: 08/19/2018. Please go to http://policy.umn.edu for the most current version of the Policy or related document.

APPENDIX TO POLICY

Network Firewall Standard

Objective

To ensure authorized access and to prevent unauthorized access to University information and IT resources, select networked systems must be protected through the use of network firewalls. Network firewalls reduce risk by restricting access to those who require access to the applications or data.

Security Controls

Network Firewall

The following table defines the baseline security controls for network-based firewalls.

Control Security Level
ID Description High Medium Low
NF.A.01 Segmentation of traffic with network firewall Required Recommended Optional
NF.A.02 Documentation of firewall rules Required Recommended Optional
NF.A.03 Periodic review of rulesets (suggested: semi-annual or annual) Required Recommended Optional

Resources Covered

This applies to IT resources owned or contracted by the University.

Individuals Covered

This applies to University community members who use or manage University IT resources.

Related Information

More information on Network Firewall

Published Date

  • November 2014

Document Feedback