Skip redundant pieces
Information Technology Services
Home : Forms and Policies : Perimeter Security Policy

Perimeter Security Policy

Purpose

The University of Kansas School of Medicine - Wichita develops and maintains appropriate mechanisms to protect the confidentiality, integrity and availability of its computerized data and information resources. Many threats against University systems originate from external sources. To control traffic from the public Internet, the University maintains a firewall at the network perimeter.

Definitions

DMZ
Demilitarized Zone, a special network zone for public servers. The DMZ is both a logical and a physical location.

Firewall
Security device used to block unsafe network traffic.

Network
Computers and associated devices connected to the University’s central communications line.

Perimeter
Boundary established by the firewall between the University's network and the Internet.

Public Server
Approved server that provides services to the general public. Examples include central web servers, domain name servers, and the campus FTP server.

Server
Computer that provides services to multiple users or other computers.

VPN
Virtual Private Network, an encrypted, authenticated, trusted connection from an external site to the University network.

top of page

Policy

The firewall is configured according to the following policies:

Outbound traffic
University computers may initiate connections to the Internet. Subsequent traffic between the University computer and the external site is permitted through the firewall.

Inbound traffic to public servers
External computers may initiate connections to public servers in the University’s DMZ. Subsequent traffic between external computers and the University’s public servers is permitted.

Inbound traffic to internal computers
Workstations and internal servers are protected by the University firewall, and are not visible from the Internet by default. Inbound connections to internal computers are permitted only through VPN. Request must be approved by IT Services.

VPN requirements
Use of VPN software is required to
• Connect to internal computers from an external site in support of the University's mission of teaching, research, and public service
• Connect to external sites in support of University-related business
• Connect authorized users to computers from an external site

Request Forms
Remote Access Form

Related Documents
Policies

top of page

Contact Information

For information on this policy, please contact:

Tom Knapp
Director for Information Technology
Manager for Educational Technology
University of Kansas, School of Medicine - Wichita
1010 N. Kansas
Wichita, Kansas 67214-3199
(316) 293-3462

Penni Smith
Assistant Director
Information Technology Services
University of Kansas, School of Medicine - Wichita
1010 N. Kansas
Wichita, Kansas 67214-3199
(316) 293-3505


top of page