Below you can find the most commonly asked questions regarding BU’s perimeter firewall. If you have any additional questions, please contact the IT Help Center at 617-353-4357 or send an email to ithelp@bu.edu.
What is a firewall?
A firewall is a security device, either hardware or software based, whose purpose is to monitor and inspect traffic traveling between data networks. Based on a programmed rule set, the firewall will either allow or disallow traffic with the aim of preventing unauthorized access to the campus data network.
Why does the University need a firewall?
The cybersecurity threat to the University is increasing and we must take extra steps to protect our computing assets. The increase in threat is driven by two main factors:
- Increased visibility. As BU rises in prominence through higher rankings and increasingly distinguished research, we become a more attractive target for cyber criminals and even state-sponsored attackers.
- Increased volume and sophistication of attacks in general. Cyber attackers are increasingly skilled and well-resourced, and are turning toward higher education more frequently. The non-profit Open Security Foundation reports that 35 percent of all breaches take place in higher education.
What can a firewall protect against?
The firewall technology protects against cyberattacks and malware targeting the University’s computing resources in two ways: first, by enforcing a network security policy to determine what traffic is allowed in and out of the university network, and second, by actively scanning incoming and outgoing network traffic for malicious software (“malware”) and preventing it from entering the network. Specifically, the firewall has the ability to protect against:
- Network communication that violates normal Internet protocols.
- Malware that it recognizes from a constantly updated database of known malware.
- Unknown and unidentified malware entering our network. The firewall can execute some types of unknown software in a virtual environment, test it for malicious behavior, and thereby prevent malicious software from entering our network.
What can’t a firewall protect against?
It is important to keep in mind that a firewall is a tool for enforcing a security policy. It is not a complete shield against all malicious activity. Amongst the threats the firewall cannot help with are:
- Malicious use of accounts and authorized services. Once an individual has access to your account and password, they can do anything you can do. The most common cause of account compromise is phishing, which is when a malicious individual tries to convince you to send them your account credentials. You can protect yourself by knowing that BU IS&T will never ask you for your password. For more information on preventing your credentials from falling into the wrong hands, please see our guide to safeguarding your computer and your identity, and our guide to identifying and fighting e-mail “phishing.”
- All unknown threats. New vulnerabilities are discovered every day. While the firewall will be kept current with the latest vulnerability information, the technology cannot prevent all attacks and will not protect against every unknown, or “zero-day”, attack.
Do I need to do anything to be protected by the firewall?
No. There is no action is required on your part unless you have special needs to bypass these security measures. When you connect to the BU network, your devices and data will be automatically protected. IS&T has and will continue to work closely with faculty representatives and support staff to address, proactively and reactively, any issues that arise in which the firewall adversely affects teaching, research, or service.
What does this mean for my privacy?
There is little change to the privacy you can expect when using BU network resources. The firewall inspects data as it enters and leaves the campus network. The inspection is automated; Information Services & Technology staff will only analyze data to investigate a cyberattack or to troubleshoot issues at a client’s request. BU Information Security policies and procedures are governed by the Information Security and Business Continuity Governance committee, which includes representatives from across the university.
Can I be exempted from the firewall protections?
Although the team has made every effort to produce a firewall ruleset that provides maximum ease of use with minimum risk, we may occasionally have a rule that requires an exemption. If you know or suspect that an application you use needs such an exemption, please fill our our contact form to request an exemption for VPN services or to request any other exemption.
I received a screen stating Malicious Web Page Detected. What should I do?
If you are shown a screen similar to that displayed below, the firewall has blocked a page known to cause harm either through malware or phishing attempts. No further action is required on your part, and you can close the message. If you believe the page is in fact not malicious, please submit the URL to our firewall vendor, Palo Alto Networks, to request a change. If the vendor responds that they are not re-categorizing the site, contact the IT Help Center at ithelp@bu.edu.
I received a screen stating Virus/Spyware Download Blocked. What should I do?
If you are shown a screen similar to that displayed below, the firewall had blocked a download of a known virus or spyware program. No further action is required on your part, and you can close the message. If you believe the file is in fact not infected and need the file exempted, please contact the IT Help Center at ithelp@bu.edu as instructed in the pop up message.
I used to be able to print from off campus and now I can’t. What changed?
Beginning on November 17, 2016 IS&T Information Security deployed an update to the campus firewall to protect on campus printers from the Internet. This update prevents reams of paper from being wasted and stops abusive hate and spam messages from being printed. With this change, printing from off campus is no longer possible unless you connect to the VPN (vpn.bu.edu or vpn.bumc.bu.edu for the BUMC campus) first. If you have any additional questions, please contact the IT Help Center at 617-353-4357 or send an email to ithelp@bu.edu.
I cannot print from off campus. What do I need to do?
Connect to the VPN (vpn.bu.edu or vpn.bumc.bu.edu for the BUMC campus) first and then print. If you have any additional questions, please contact the IT Help Center at 617-353-4357 or send an email to ithelp@bu.edu. For more information about the VPN please see our VPN support page.
I still have some concerns. Who can I contact?
The BU IT Help Center is equipped to discuss your concerns with you. Call 617-353-4357 or send email to ithelp@bu.edu.