LBLnet, the data network within LBNL, is not protected by a conventional firewall. We use a powerful intrusion detection system (IDS) that passively examines every data packet entering and leaving LBNL and compares each one to an evolving list of known and suspicious behaviors and patterns. When harmful or potentially harmful behavior is detected, the outside participant is blocked (by ACL or null-route) from transmitting to LBNL. Occasionally, groups within LBNL require further data protection. When this is necessary, LBLnet Services Group provides and supports (on a time-and-material basis) conventional firewall protection or (in special circumstances) router ACLs.
Current desktop operating systems contain a built-in firewall. The Helpdesk provides assistance with desktop security. If you believe additional protection is needed for your server or workstation, please e-mail [email protected] for advice.
- Windows users enable the Windows Firewall through the Security Center section of the Control Panel.
- Mac users enable the firewall through the Security pane in the System Preferences program.
- Call the Helpdesk at ext. 4357 (486-4357) or e-mail [email protected].
- For firewall policy, contact the Computer Protection Group at [email protected].