Firewalls and the School of Medicine

Firewalls are an important part of the security infrastructure. A firewall is a barrier that protects a network or computer. Like the physical wall that is used to keep destructive fires from spreading from one area to the next, an electronic firewall keeps unauthorized users like hackers from spreading their destructive material onto your network or computer.

A firewall protects a network or computer by carefully inspecting each piece of information passing into and out of the network, filtering it based on a specific set of rules. These rules tell the firewall whether to reject or approve access to the network or computer, keeping out unauthorized users who may want to corrupt the information stored behind the firewall.

If you are responsible for a system on the school’s network that provides services like a web server or file server, please let us know so we can configure the firewall to accommodate these services. Keep in mind that the on-campus residence halls are considered off-campus, so connections from there will require use of the University's VPN service or an exception to the firewall.

To request a change for a server: please ensure there is a record for it in SUSI (Stanford University System Inventory) first, then file a Service Now ticket, confirming that it's been inventoried; also let us know the name of the system in question, the IP address, specific ports you need open, and who/what needs access to the server. Please let us know when you no longer need this exception implemented, so we can disable it accordingly.

To request a change for a computer that is not a server: Please open a Service Now ticket, with the name of the system that needs an exception set, the IP address, and any specific ports you need open for this system. Please let us know when you no longer need this exception implemented, so we can disable it accordingly.

Rule changes will be implemented within three business days, unless the request is urgent. For our purposes, "urgent" is defined as follows:

• A problem is urgent if it causes complete loss of service to the production environment; work cannot reasonably continue. Workarounds to provide the same functionality are not possible and cannot be found in time to minimize the impact on business. The problem has one or more of the following characteristics:
  • A large number of users cannot access the system.
  • Critical functionality is not available. The application cannot continue because a vital feature is inoperable, data cannot be secured, backed up, etc.

YES! If you are using the University's VPN service, you can use it to access School of Medicine systems from off-campus without need for firewall exceptions. VPN is your ideal solution for intermittent remote access (e.g., accessing your server or workstation resources while away from campus). For additional help, contact the Help Desk at tdshelp.stanford.edu or 650-725-8000 (M-F, 7a-6p).