Network firewalls

Network firewalls are used to allow or deny network traffic, permitting only data packets (a packet is a basic unit of communication over a digital network) that match certain rules to pass through. Rules can be based on the source or destination address or port, the protocols used, and other attributes, and can control traffic passing both into and out of the network.

The University provides a centralised virtual network firewalling service through the use of Firewall Services Modules (FWSMs) on the campus backbone routers (a backbone router manages URL-based navigation). Firewall services can be provided to ANU areas to assist in protecting local systems from unwanted traffic.

Initial setup

Initial creation and setup of the virtual firewall instance is done by IT Security staff in consultation with local area management. Local IT Support Staff are then able to perform ongoing changes, configuration, and monitoring. Please contact IT Security for more information.

Virtual Private Networks

Networks protected by firewalls generally restrict access to outside networks. In order to access systems on protected networks from outside, it may be necessary to configure access for one or more Virtual Private Network (VPN) ranges.

Border router blocks

A number of checks and blocks are performed against network traffic entering and leaving the ANU network to prevent some types of network abuse, such as spoofing (spoofing is the falsification of identity by a person or program in order to gain an illegitimate advantage), and to block certain unsafe traffic. These rules are not applied to traffic internal to the ANU network.
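
The following is an added illustration, not ANU's border router configuration (this page does not list the actual rules). It shows one common form of anti-spoofing check at a network border: comparing a packet's source address with the side of the border it arrived on. The campus prefixes (documentation ranges), function names and sample packets are all assumptions made for the example.

```python
import ipaddress

# Assumption: campus prefixes. RFC 5737/3849 documentation ranges stand in
# for the real ones, which the page does not list.
CAMPUS = [ipaddress.ip_network(n)
          for n in ("192.0.2.0/24", "198.51.100.0/24", "2001:db8::/32")]

def is_campus(ip):
    return any(ip.version == net.version and ip in net for net in CAMPUS)

def never_valid_source(ip):
    # Addresses that can never be a legitimate source on a routed packet.
    return ip.is_unspecified or ip.is_loopback or ip.is_multicast or ip.is_link_local

def border_check(src, arrived_on):
    """Decide on a packet crossing the border.

    arrived_on: "outside" (entering the campus) or "inside" (leaving it).
    Returns (action, reason). Traffic between two campus hosts never reaches
    this function, matching the page's note that internal traffic is exempt.
    """
    if arrived_on not in ("outside", "inside"):
        raise ValueError("arrived_on must be 'outside' or 'inside'")
    try:
        ip = ipaddress.ip_address(src)
    except ValueError:
        return ("drop", "unparseable source")
    if never_valid_source(ip):
        return ("drop", "source can never be valid")
    if arrived_on == "outside" and is_campus(ip):
        return ("drop", "campus source arriving from outside")
    if arrived_on == "inside" and not is_campus(ip):
        return ("drop", "non-campus source leaving campus")
    return ("pass", "source consistent with interface")

# Constructed sample packets: (source address, interface it arrived on).
SAMPLES = [
    ("203.0.113.7", "outside"),    # external host, entering
    ("192.0.2.10", "outside"),     # claims to be a campus host, entering
    ("198.51.100.25", "inside"),   # campus host, leaving
    ("203.0.113.7", "inside"),     # foreign source leaving campus
    ("127.0.0.1", "outside"),      # loopback source
    ("2001:db8::1", "outside"),    # IPv6 campus source from outside
]

if __name__ == "__main__":
    for src, iface in SAMPLES:
        print(f"{src:15} {iface:8} -> {border_check(src, iface)}")
```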