Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 17 Next »

Why is this being done:

A firewall has been installed to protect the PMA network from the rest of the campus and the world. The goal is to decrease the number of exposed vulnerabilities on the PMA network. This increased security will cut down on the number of ISO quarantines about services listening on the network and prevent devices from being blocked on the network. Over the next five years, we will work with building tenants to move them to a new scalable network to align the building with the rest of campus centralization efforts.

What departments does this effect:

  1. Physics
  2. Fusion
  3. Math
  4. Astronomy

What type of connections does this affect:

  1. Wired only, wireless is not changing
  2. Devices on public networks only (private will not be affected)
    1. Public IP addresses begin with 128, 146, or 129.
    2. Private IP addresses that start with 172 or 10 are not affected

What will still work (please see graphic below):

  1. All traffic within one department
  2. All traffic from any computer connected to VPN
  3. All outgoing connections from the computer inside PMA except when connecting to a different department in PMA

  4. If you can perform a task while on Wi-Fi you will be able to perform the same task while on hardwire except when connecting to a different department in PMA

  5. Connections to instrument and printer networks

  6. Any whitelisted services (Complete this form to request a service to be whitelisted: https://utexas.qualtrics.com/jfe/form/SV_6Rplgi8pWRUTz9j )

What will no longer work after all the rules are applied (please see graphic below):

  1. Traffic between departments: Physics, Fusion, Math, Astronomy
  2. Incoming traffic initiated from TACC (it is recommended to initiate the connection from the computer in PMA not from TACC)
  3. Incoming traffic from devices on Wi-Fi

When will this be done:

Due to the unknowns surrounding the COVID-19 pandemic, we aren't able to provide a full schedule. This graphic will be updated as dates are determined.

What is the schedule of Phase 4:

Math/Astronomy the following ports will be blocked the following dates (dates subject to change)

    • Phase 1: 49152-65535 — Mon 11/16
    • Phase 2: 10000-49151 — Wed 11/18
    • Phase 3: 5000-10000 — Thur 11/19
    • Phase 4: 1024-4999 — Mon 11/23
    • Phase 5: 100-1023 — 11/30-12/3
      • 973-1023 — Mon 11/30
      • 742-972 — Tues 12/1
      • 408-741 — Wed 12/2
      • 100-407 — Thurs 12/3
    • Phase 6: 1-99 — 1/5-1/14 (do a few ports a day M-Th - schedule TBD)
      • 74-99 — Tue 1/5
      • 48-73 — Wed 1/6
      • 22-47 — Thur 1/7
      • 1-21 — Mon 1/11


 Physics/Fusion - COMPLETE

Physics/Fusion the following ports will be blocked the following dates (dates subject to change)

    • Phase 1: 49,152-65,535 — Wed 10/7
    • Phase 2: 10,000-49,151 — Thur 10/8
    • Phase 3: 5,000-10,000 — Wed 10/14
    • Phase 4: 1,024-4,999 — Tue 10/20
    • Phase 5: 100-1,023 — 10/26-10/29 (few ports a day M-Th - schedule TBD)
      • 973-1023 — Mon 10/26
      • 742-972 — Tues 10/27
      • 408-741 — Wed 10/28
      • 100-407 — Thurs 10/29
    • Phase 6: 1-99 — 11/2-11/12  (do a few ports a day M-Th - schedule TBD)
      • 74-99- — Mon 11/2
      • 48-73 — Tues 11/3
      • 22-47 — Wed 11/4
      • 1-21 — Thur 11/5


How do I request a firewall rule exception:

Please fill out this request: https://utexas.qualtrics.com/jfe/form/SV_6Rplgi8pWRUTz9j

What if I have specific needs that need to be discussed:

Please denote that on the survey -OR- submit a ticket here: https://cns.utexas.edu/help -OR- email  cns-it-projects@austin.utexas.edu . Any of these methods will create a ticket and we will be in touch.

  • No labels