School of Medicine Protected Networks

Enhanced Network Security

We have increased the network security for SoM devices by utilizing Protected Networks.  These are network spaces that provide enhanced or specialized firewall rules that reduce the risks to devices that might be particularly vulnerable to compromise or attack.

Examples of Protected Networks include:

WinSecure

WinSecure was specifically set up for devices that are dedicated to managing specialized scientific equipment.  These devices cannot support the security compliance standards, either due to conflicts with the reporting software or the necessity to run an operating system that is no longer supported.  There are specific outbound and inbound rules that apply to devices on this network, and the devices must not be used as a standard endpoint for purposes of email or web/browser uses.

Server

There are multiple networks designed to protect the special needs of servers.  These exist throughout the Med School as well as in the SoM data centers and other server facilities around campus.

SoM servers must be on a protected network.

Instrument Control

Similar to WinSecure above, the Instrument Control network was designed for specialized equipment that cannot fully meet the minimum security requirements but is still receiving operating security patches.

Other Specialized Equipment

There are networks dedicated to specialized equipment such as building automation or classroom capture systems.  These are systems that are highly specific and sometimes need support access from outside Stanford.  They generally require rigorous security to prevent access to centralized systems.

Printer

These networks are specifically designed for printers, including the network ports pre-configured so that those rules do not need to be added for every new printer.

Firewalls

Firewalls are an important part of the security infrastructure – a barrier protecting a network or computer. Like the physical wall that is used to keep destructive fires from spreading from one area to the next, an electronic firewall keeps unauthorized users like hackers from spreading their destructive material onto your network or computer.  The firewall protects a network or computer by carefully inspecting each piece of information passing into and out of the network, filtering it based on a specific set of rules. These rules tell the firewall whether to reject or approve access to the network or computer, keeping out unauthorized users who may want to corrupt the information stored behind the firewall.

The School of Medicine, in collaboration with University IT,  maintains firewalls to increase the security of your computer, and of the University, as well as to comply with federal and state requirements. The majority of Stanford  network firewall rules default to refuse all connections initiated from outside of Stanford University’s network. If different access rules are required in some cases, TDS Information Security approves and configures access for School of Medicine departments and associates.