The firewall helps considerably in protecting your IT systems. Your firewall is able to analyse data streams and can thus protect your IT systems from attacks or unauthorised access. Leipzig University follows a multi-level firewall concept. We present it to you here.
Our multi-level firewall concept
The university follows a multi-level firewall concept:
- Some access rules are set on the incoming routers.
- The administration and institutions operate their own firewalls or those provided by the URZ. The URZ strongly recommends that all institutions operate their own firewall or rent one from the URZ.
- A desktop firewall (e.g. Windows firewall) should be activated on all user computers.
The university is connected to the internet via central network devices. Some very basic access restrictions are entered on these so-called routers. For example, only the central or reported mail servers are allowed to send e-mails to the outside. This prevents infected computers from acting as spam senders.
There is no central university firewall. Without further precautions, every computer would therefore be connected directly to the internet without protection.
The URZ therefore strongly recommends every administration or institution to operate its own firewall. Setting up one's own firewall infrastructure and constantly updating it usually involves an enormous amount of time and effort. For this reason, the URZ offers virtual firewalls to institutions.
The URZ offers institutions the rental of a virtual firewall at a very low price (currently 400 euros/year). This is realised via firewall hardware, which elaborately implements several independent firewalls.
The institution administers the access rules independently, so it is not limited to the URZ specifications or central specifications. Of course, the URZ is happy to advise on the configuration of the virtual firewall.