Using a Firewall
A firewall works to monitor and block or allow network traffic, both incoming and outgoing, on a private network or individual computer.
While there is a hardware firewall to help protect the CUMC and NYP shared campus network, it's still recommended that you use a software
firewall on your own computer.
The latest operating systems include built-in firewalls for extra security. These tend to be the easiest to work with, and are
pre-configured to allow commonly used programs send and receive necessary data through your network connections. You can find
instructions on using both the Windows and Macintosh OS firewalls at CUIT Security's
built-in firewalls site; please contact the
CUMC IT Service Desk with any specific questions or issues. If you are using a department-owned
computer you may not have access to change the firewall settings and should contact your 2nd level IT staff for assistance.
Other personal firewalls such as Zone Alarm and Symantec are available, however these require a slightly higher level of technical proficiency. They typically work by notifying you when any data or programs attempt to enter or exit your computer,
allowing you to set default access for specific programs and computer processes. If you decide to use a personal firewall, make sure you read
its instructions carefully, as some features will have to be configured to allow access to resources and programs you want to use.
Network firewalls are not allowed on the CUMC campus network unless managed
or approved by CORE Resources, as stated in the CUMC IT Firewall Procedures.
CORE Resources manages the hardware firewall that secures the shared CUMC
and NYP campus network from the Internet and the Morningside campus network.
This firewall affects certain outbound traffic and prevents unauthorized
inbound traffic. NetBIOS, SMTP and other miscellaneous ports determined to
pose a security risk are blocked in the outgoing direction. This does not
impact the majority of academic or work related programs used on the CUMC
campus. Please note that ALL inbound traffic is prevented by default. An
authorized departmental user requiring inbound access to applications or
systems (for example: web server access) or special requests for opening
NetBIOS traffic to the Morningside campus must request this access through
the Firewall Exclusion Request Forms. We do not encourage firewall openings
related to individual access, instead we request that individuals use the
VPN connectivity to acquire encrypted and secure access into the CUMC
Certain applications such as filesharing and VoIP programs are blocked. Anyone requiring access to these programs must
have approval from their Department Chair or higher, and must submit the appropriate Firewall Exclusion Request from our Service Request Forms page with complete information. This requires advanced technical
knowledge including ports and protocols used; if you do not know these you must contact your department's 2nd level or higher IT staff for
assistance. The CUMC IT Service Desk provides 1st level support and is not able to assist in finding this information.
Students who would like to use blocked programs in campus housing can contact an Internet Service Provider such as Verizon or Time Warner and run the
program over the private ISP's connection. If a program is required for academic use, you must get approval from you school's Dean.
Streaming video in QuickTime may require special configuration to be allowed through your
firewall(s). For instructions on changing QuickTime's settings, please see CNMTL's page at:
| TOP |