This service along with many others, including phone, data network and data backup services, can be ordered from the IST Shopping Cart.
SERVICE DESCRIPTION |
|
Description: |
Campus departments can purchase firewall service from IST. IST can provide Cisco Systems' integrated Firewall Service Module (FWSM) or standalone NetScreen 5GT hardware firewalls. |
For: |
department |
Charges: |
recharge |
Costs: |
Integrated Cisco FWSM instance:
Standalone NetScreen hardware firewall:
Standalone firewall also requires activation of two network ports. See Data Network Node Activation for additional one-time and recurring charges. |
Contact: |
Technical Account Management (TAM), |
For most departments located on the main campus, services are provided using Cisco's FWSM, an integrated module installed on Cisco switches. For departments whose connectivity does not support the FWSM, IST can provide standalone service using NetScreen 5GT hardware firewalls. All firewalls are configured as transparent bridging devices and support the hidden VLAN security model. Each firewall 'instance' can support one subnet, with an 'inside' and 'outside' VLAN. A server connected to a port assigned to the inside VLAN is effectively 'behind' the firewall.
IST maintains the firewall hardware and software upgrades; while departments have the flexibility to administer their own rulesets using management interface via command-line or GUI interface.
You cannot use this service if you are on a shared subnet. You cannot have multiple hardware firewalls installed on the same subnet; if you already have a firewall installed on your subnet, it will need to be removed before the new firewall can be operational.