Administrative Firewall Retirement

Proposed Problem:

As part of our ongoing efforts to streamline network access, we wanted faculty and staff who access secure systems to have one less login everyday.  Eliminating the administrative firewall also reduces the level of complexity for our systems, contributing to higher availability of network resources.  From a security standpoint, we continue to rely on domain account credentials — so the primary shift is how and when these credentials are required.

Completed July 2014:

This was a big event for people on campus who use the administrative firewall, and a not very interesting one for anyone who didn’t. The admin firewall was used to get to sensitive institutional data (budget and personnel data, for example, in Banner ERP or Vault). Not having to remember this has been a relief!

The security provided by the firewall is still there, in front of each protected service. But because you’ve logged into your computer, the network already knows who you are and what you should have access to,  it doesn’t need to ask you again. One less log-in.

Note: We are still using the SSL VPN client from off campus, when you need to get to institutional data on campus.

Project Sponsor: Library and Technology Services

LTS Contact: Erin Richardson