|
Division of IT: Security
MU Network Zones
Zone 1: Unrestricted Services Zone
Servers store only public information. Servers may reside anywhere in the MU network but may be subject to restrictions based on the Division of Information Technology network policy. For instance, a server behind the main campus firewalls may not be visible to the entire Internet. IPS or IDS monitoring is desired.
Zone 2: Shared Server Zone
Servers are behind a campus or departmental firewall using a "default deny" policy. Servers may be accessible within the network zone but visibility to the Internet will be denied by default. Requests to make the service available to the entire Internet will not be permitted. IPS or IDS monitoring is required.
Zone 3: Secure Server Zone
Servers are behind at least one firewall that is dedicated to the application. A shared campus firewall cannot be substituted for a dedicated firewall. The firewall rule set will be limited to services required to operate and maintain the application and are subject to periodic review by Divisoin of IT and/or external auditors. IPS or IDS monitoring is required.
|
