While firewall rules have long been in place to protect the university’s core administrative systems, there has historically been insufficient protection at the border of Northern Illinois University’s network. In order to prevent hostile external attackers from gaining access to the network and to prevent people on campus from inadvertently going to sites on the Internet that might pose an active security risk, the Division of Information Technology (DoIT) has redesigned NIU’s network to allow for active border protection against sites that are known to be bad.
“I want to assure students that — contrary to some Internet reports — they will have access to social media websites such as Facebook, Twitter, Instagram, Pinterest, and others,” said NIU Vice President and Chief Information Officer Brett Coryell. “NIU is wholly committed to allowing free and open access to information and only considers blocking network traffic that constitutes a well known threat as determined by the broader IT security community.”
As an educational and research institution, as well as a state funded agency, it is important to protect data and people from external threats. Portions of NIU’s longstanding acceptable use policy are shown when users encounter a blocked site. However, it is important to note that some aspects of the policy are addressing employees, such as the ethical issue of excessive use of state-owned equipment for browsing personal web sites. Other aspects of policy, such as the restriction against using resources for political activities, are not enforced by technical means at all.
Because NIU has been behind in the adoption of standard security practices like border protection for its network, the system is still in its early phases of tuning. The firewalls work by subscribing to “threat signatures” from the vendor in the same way that antivirus software downloads new virus signatures to keep personal computers safe. Faculty, staff, and students can help the vendor tune its signature files by reporting any pages that are incorrectly categorized as illegal or hostile. The Division of IT requests that anybody who is blocked contact the Help Desk via email at firstname.lastname@example.org or by phone (815-753-8100) to provide details so that the issue can be relayed to the vendor for correction.