Texas A&M UniversityTechnology Services

Search this Site

Texas A&M University | Technology Services
Texas A&M UniversityTechnology Services

Campus Firewall

Request Support

Overview

The campus firewall protects Texas A&M University's network by restricting unauthorized access from the internet. It blocks all inbound IP protocols by default, requiring resource owners to submit requests for specific port openings. This helps protect university systems from potential abuse or attacks.

Quick Links

Getting Started

Before requesting a firewall port opening, verify existing firewall settings via the Get System Information section of the CSI portal. Group ownership information in Infoblox determines your access. To request a port opening in the campus firewall, visit the CSI portal or email firewall@tamu.edu.

Request

  • Submit port opening requests via CSI portal or email firewall@tamu.edu.
  • Requests must come from the resource owner or a listed custodian in Infoblox.
  • All systems must have the university vulnerability scanning agent installed and pass a scan (medium+ vulnerabilities must be resolved).
  • Requests may take up to two business days to be completed. If the request is urgent, and the two-day timeline is not sufficient, please state that the request is URGENT and include the reason for this urgency. If you do not receive a response to your email, please call Help Desk Central at 979.845.8300, and ask them to contact System and Application Security concerning your request.

Service Details

Firewall settings are hostname-based and applied to associated IP addresses. Opening a port requires:

  • Valid Infoblox ownership data
  • Secure system configuration
  • Compliance with vulnerability scan requirements
  • All websites or mobile applications that may process critical or confidential data must have a vulnerability scan (See RA-5) and penetration test (See RA-2) conducted by the Technology Services security team. To determine the data classification, please go to https://tools.security.tamu.edu/data-classification-calculator/. Once you receive the results, please send a screenshot of the classification. If confidential or critical is displayed, you will have up to two months to request the required penetration test. 

Firewall configurations are reviewed regularly for security risks and accuracy.

Features

  • Protection from external network threats
  • Host-based firewall configuration
  • Integration with Infoblox group ownership
  • Vulnerability scan enforcement
  • Real-time and scheduled port management

Guidelines

  • Ports opened must correspond to IANA-assigned services.
  • Encrypted services must use trusted Certificate Authority (CA) certificates.
  • Insecure protocols like Telnet, FTP, IMAP, and POP will be blocked.
  • Multi-factor authentication is required for services using credentials.
  • Use VPN for secure access without firewall exceptions.
  • SMTP (port 25) is closed by default; exceptions require strong justification.
  • Students with systems in Residence Halls are not allowed to request a firewall port opening.
  • IT Security audits firewall rules regularly and may block non-compliant hosts.
  • Any port opening with an outside vendor, regardless of whether it is for POC or research purposes, must have a contract and business agreement in place.
  • No monitoring of network traffic by unauthorized users
  • Systems must not expose unencrypted or vulnerable services

Contact Information

Firewall Support

Last Modified: August 14, 2025