...
- Simpler and more bomb-proof network protection than a firewall.
- 10.Space systems are blocked from accessing general internet / web sites. This minimizes risks of malware or data breaches from these systems.
- Computers still get:
- network access to group file shares.
- Active Directory and other campus computing management access
- Patching and updates: OS, apps, anti-virus.
- Network-based anti-virus reporting.
- Printing from RedRover/ eduroam, which is not normally allowed in, is enabled by opening port 9100.
- No VPN required.
- Small Routers on 10 space used to isolate clusters and systems with obsolete OS from other network devices, while allowing network access.
On occasion the device may need a public IP temporarily. Such a change requires modifying the DNSDB record.
...
- All (100%) of Chemistry and Physics networked printers: 129
- 87 of those are on Research networks.
- Many, many computers hooked up to instrument systems and most servers: 74
- 49 of those are on Research networks.
- 10 Space routers, allowing access for multiple systems
For context. other numbers:
...
Affords twice the number of IPs on a network than if 10-space numbers were converted to public IP addresses (and presumably similarly blocked at the network layer via firewall or ACL).
- Many of our computers are outdated, and will never be able to utilize ipV6.
Caution: Ensure CU's proxy server configured with necessary off-campus access
...