CUMC Home | Columbia University | Jobs at CUMC | Contact CUMC | Find People
For support: call extension 5-Help (212-305-4357) or email us
Safe Computing

Using a Firewall

A firewall works to monitor and block or allow network traffic, both incoming and outgoing, on a private network or individual computer. While there is a hardware firewall to help protect the CUMC and NYP shared campus network, it's still recommended that you use a software firewall on your own computer.

Personal Firewalls
The latest operating systems include built-in firewalls for extra security. These tend to be the easiest to work with, and are pre-configured to allow commonly used programs send and receive necessary data through your network connections. See the Microsoft or Apple support websites for basic instructions; note that instructions can vary based on the specific Operating System version you are using. If you are using a department-owned computer you may not have access to change the firewall settings and should contact your 2nd level IT staff for assistance.

Other personal firewalls such as Zone Alarm and Symantec are available, however these require a slightly higher level of technical proficiency. They typically work by notifying you when any data or programs attempt to enter or exit your computer, allowing you to set default access for specific programs and computer processes. If you decide to use a personal firewall, make sure you read its instructions carefully, as some features will have to be configured to allow access to resources and programs you want to use.

Network Firewalls
Network firewalls are not allowed on the CUMC campus network unless managed
or approved by Core Resources, as stated in the CUMC IT Firewall Procedures.
Core Resources manages the hardware firewall that secures the shared CUMC and NYP campus network from the Internet and the Morningside campus network. This firewall affects certain outbound traffic and prevents unauthorized inbound traffic. NetBIOS, SMTP and other miscellaneous ports determined to pose a security risk are blocked in the outgoing direction. This does not impact the majority of academic or work related programs used on the CUMC campus. Please note that ALL inbound traffic is prevented by default. An authorized departmental user requiring inbound access to applications or systems (for example: web server access) or special requests for opening NetBIOS traffic to the Morningside campus must request this access through the Firewall Exclusion Request Forms. We do not encourage firewall openings related to individual access, instead we request that individuals use the VPN connectivity to acquire encrypted and secure access into the CUMC network.

Blocked Programs
Certain applications such as filesharing and VoIP programs are blocked. Anyone requiring access to these programs must have approval from their Department Chair or higher, and must have a staff member in their Certified IT Group submit the appropriate Firewall Exclusion Request from our Service Request Forms page with complete information.

Students who would like to use blocked programs in campus housing can contact an Internet Service Provider such as Verizon or Spectrum and run the program over the private ISP's connection. If a program is required for academic use, you must get approval from you school's Dean.

Streaming video in QuickTime may require special configuration to be allowed through your firewall(s). For instructions on changing QuickTime's settings, please see CNMTL's page at:

| TOP |

Last updated 11/20/2018