Michigan State University uses Next-Generation FireWalls (NGFW) to coarsely filter potentially malicious traffic. NGFWs are used to protect the campus network from known attacks. NGFWs have been placed at the border, and at select locations within the campus network. The NGFWs examine every data packet that flows between MSU's campus network and the global Internet, looking for known attack signatures and protocol anomalies. Some NGFWs also inspect data packets flowing within the campus network. When a NGFW encounters a packet that matches a known threat, the packet is not delivered, and the NGFW logs the event.
The following ports are blocked at the border for traffic coming from, as well as traffic going to, the Internet:
The firewall also blocks unsolicited incoming connections from off-campus with a destination in the following ranges:
- Staff DHCP
- Residence Halls DHCP
- Wireless
- Computer Classrooms
From time to time the campus network undergoes particularly extreme attacks. At such times one or more firewalls may find their resources taxed, interrupting communications across the campus network, or to or from the Internet. Once the attacks are identified and the sources are blocked, network performance will return to normal.
MSU contracts with third-party security vendors to load NGFWs with the latest threat intelligence and reputation blocklisting. Sometimes categorization is automated and customer feedback is an important part of the threat management lifecycle.
Sometimes a device on the campus network may emit traffic that is not malicious but that fails to follow protocol specifications in a potentially dangerous manner. On extremely rare occasions, it is possible that an NGFW will register a "false positive" and interrupt benign network activity. In either event it may be necessary to update configurations to restore connectivity.
Network outages and performance issues are reported at http://servicestatus.msu.edu (link). Individuals and units having questions about the MSUnet NGFWs or who believe their systems or regular network usage may be adversely affected by the NGFW should contact the MSU IT Service Desk at (517) 432-6200.