Skip to main content

Network Access Management


Firewall Service

The firewall service addresses all phases of a firewall security solution, including architectural validation, implementation, operations, and ongoing configuration management. The service provides secure authorization and access control with due consideration to impact on network performance. The IT network and information security analysts will provide consultation to aid in establishing the access controls required to protect data assets.

Implementation and Support

  • Consultation regarding service options and security configurations
  • All required activities to complete perimeter firewall configuration and activation
  • Fully managed perimeter firewall service
  • 24 x 7 centralized monitoring and management of perimeter firewall via the Network Operations Center (NOC) and Information Security Office
  • Consultation and configuration assistance for firewalls installed between internal networks
  • Consultation for implementing host based firewalls on customer systems

Components

  • All equipment and software required to provide firewall protections at the campus network perimeter

Options

  • Options are custom designed based upon the results of consultation

Customer Responsibilities

  • Perform a risk analysis of own environment and determine perceived vulnerabilities prior to the initial consultation
  • Identify a secure physical facility with access control restrictions for the placement of the firewall equipment, should that be deemed necessary after initial consultation (The secure facility requires customer coordinated 24 x 7 accessibility for authorized IT staff)
  • Provide a 24 x 7 point of contact (POC) for IT to contact for reporting and coordinating outages or emergency maintenance. This POC list will include the only authorized contacts for security related issues, including the approval of the initial security policy and requesting policy changes
  • Contact the ITAC Service Desk or the Information Security Office to report problems or request assistance
  • Work with IT on a mutually agreed schedule to allow required maintenance services to be performed in a timely manner
Top

Virtual Private Network (VPN) Service

The VPN service option is a fully managed, end-to-end IP-based service enabling customers to securely connect to various Texas State network resources through an encrypted connection. VPN service is a fully managed solution for customers interested in utilizing standards based encryption technology as the foundation for secure, high performance data communications.

Due to resource limitations we are currently providing the VPN service only to faculty, staff, student employees and contractors/consultants.

Implementation and Support

  • Consultation regarding service options and security configurations
  • All required activities to complete service activation
  • A fully managed service that includes 24 x 7 centralized monitoring and management via the Information Technology Assistance Center (ITAC), the NOC, and the Information Security Office

Options

  • Secure access to customer’s on-campus computer(s) from any location utilizing Remote Desktop Protocol (RDP), Secure Shell (SSH), and other protocols
  • Secure access from any location to any network resource that the customer is authorized to access

Customer Responsibilities

  • Contact the ITAC Service Desk to request the service, report problems, or request assistance
  • Utilize sound security practices to keep VPN client system(s) secure against unauthorized access and other security threats (ex. up-to-date anti-virus and operating system patches)

Top


Host and Endpoint Security Service

The host and endpoint security service is a collection of products and services designed to protect the Texas State network and its endpoint devices from malware and data leakage (unauthorized data disclosure).

Implementation and Support

  • Malware protection and remediation
  • Patch management
  • Encryption

Options

  • Malware protection product examples include McAfee anti-virus, X-cleaner, various open source solutions
  • Malware remediation services include configuration assistance in the use of the above products as well as associated diagnostic activities
  • Patch management products include Windows Server Update Services (WSUS), Cisco Network Access Control (formerly Cisco Clean Access), McAfee Enterprise Policy Orchestrator (ePO)
  • Patch management services include configuration and implementation assistance with the above products as well as associated diagnostic activities
  • Encryption services include consultation and deployment assistance with university-licensed and open source encryption solution

Customer Responsibilities

  • Utilize sound security practices to keep host and endpoint devices secure against unauthorized access and other security threats (ex. up-to-date anti-virus, firmware upgrades and operating system patches)

Top