This policy establishes the guiding principles and collaborative decision-making process for the administration, configuration, and operating procedures for network firewalls at UW–Madison. The purpose is to provide more extensive, adaptable, and consistent network protection in order to counter increasingly sophisticated and persistent attacks on university data and systems.
Strong and adaptable rules provide better and more consistent protection. However, strong and adaptable rules are more likely to have a short-term impact on university operations as they are tuned to maximize necessary protections and minimize inadvertent interference.
The principles and decision-making process established by the policy help reduce cybersecurity risk to the institution by enabling stronger and more adaptable protections than would otherwise be possible. The policy and implementation plan are designed to:
The immediate need is to select and manage the common (shared) network firewall rules that are specific to the Next Generation firewalls. Sound principles and a collaborative decision-making process are necessary because the common rules apply to all devices and services on subnets which are protected behind a Next Generation firewall.
Beyond the common (shared) network firewall rules, there is a longer-term need to more generally improve the administration, configuration, and operation of UW–Madison network firewalls, using the same principles and collaborative decision-making process.
Applies to all network firewalls at UW–Madison.
"…take reasonable measures to protect the privacy of its IT resources and accounts assigned to authorized users... Any activity on UW System IT resources may be monitored, logged and reviewed by UW System-approved personnel... The UW System has the right to employ appropriate security measures, to investigate as needed, and to take necessary actions to protect UW System IT resources…"