Description
Applicability
This Control applies to all Texas A&M network information resources. The intended audience for this Control includes all information resource owners and custodians.
Implementation
1. Each university unit managing a network shall establish a security strategy that includes perimeter protections (e.g., DMZ, firewall, intrusion detection or prevention system, or router) and incorporates:
   1.1 monitoring for denial of service attacks,
   1.2 configuration settings at the network layer to combat such attacks, and
   1.3 maintaining logs of all network activity.
2. Units shall operate firewall technology with procedures and guidance from Technology Services security operations.
   2.1 The Technology Services security operations staff are authorized to disconnect users from the University network if these procedures are not followed.
3. The Technology Services security operations staff are responsible for managing the campus firewall and may provide specific guidance and procedures to units in the following areas:
   3.1 Virtual and physical architecture;
   3.2 Protocols and applications that are permitted through the firewall, both inbound and outbound;
   3.3 Traffic monitoring rule set;
   3.4 Approval process for updating or changing rule sets; and,
   3.5 Auditing and testing to verify a firewall’s configuration, rule set accuracy, and effectiveness.