Network Access Controls
Toronto Metropolitan University (TMU) operates a firewall at the gateway between the university and the Internet, as well as firewalls within TMU to segment TMU's network and to protect its data centres. By default these firewalls block inbound connections.
The deny-by-default practice is not intended to make it difficult for departments to run their own servers or research networks. It is intended to protect systems from being scanned and attacked that do not need to be accessible from outside the networks the firewalls protect.
Register Your Server or Network With CCS
IT service providers at Toronto Metropolitan University must register their servers or networks with CCS in order to make them accessible from the Internet. To do so, please complete the google formServer Registration Form, external link, opens in new window.
In order to complete the form, you’ll need the following information:
- IP addresses and ports that must be visible from outside Toronto Metropolitan University.
- What services are running on each system.
- Owner of each system (department or other information).
- Please include email address and full name and position of the owner within the department.
- Technical contact for each system (must include email address and full name).
IT service providers must ensure that:
- each server is hardened against attack;
- server OS, middleware and applications are all patched regularly (not just occasionally);
- each server is constantly monitored for attacks and compromises including compromised accounts - detailed logging is required.
Blocking Malicious IP Addresses
Firewalls are also used to block all inbound and outbound traffic for IP addresses that have consistently exhibited extremely malicious behavior or that are involved in ongoing security incidents. These are normally blocked at the Internet gateway.
If you are an IT service provider at Toronto Metropolitan University or have a system that is being persistently probed or attacked by a remote system, you can report the problem and work with CCS to block the attacking IP addresses. Please start by filling in the google formNetwork Attack Report Form, external link, opens in new window.
If you need to prevent an IP address from being blocked, please complete the google formAllowed Addresses Form, external link, opens in new window.
Some IP addresses such as proxy servers and anonymization networks, that are used in attacks may not be blocked at Toronto Metropolitan University’s gateway to the Internet but may be blocked from Toronto Metropolitan University’s data centres and some administrative networks.
If this causes a problem for a service you are responsible for, please use the appropriate form to report the problem.
Web Address Filtering
The gateway firewall also provides a dangerous URL warning service. If you are using TMU's network and click on or enter a URL to a site suspected of hosting malware or having another security issue, a message will appear in your browser warning you of the danger.
When the warning appears you can still choose to continue to the site by clicking the continue button. CCS maintains logs that include the occurrence of this event, the URL in question, and your choice to proceed.
CCS does not examine personal information in logs except as part of a security or other type of investigation. In some cases the continue button will not be available when URLs are blocked due to a specific incident.
The firewall uses a regularly updated database of potential threat sites that is maintained by the firewall vendor’s security team. The vendor’s Security Analytics team scans the Internet looking for malicious websites.
Once a potential threat site is identified, the information is passed on to their Threat Research Team. This team conducts further research into the website by looking for suspicious behavior, embedded malware and links to other problematic sites. From this research the site is classified for its threat potential, and if appropriate, added to the database. Database updates are transmitted from the vendor to TMU's firewalls at regular intervals.
- TMU’s Network and Server Security Management Policy, opens in new window
- TMU's Network and Server Security Management Procedure and Annex, opens in new window.
- Guidelines on Firewalls and Firewall Policy, external link, opens in new window - Recommendations of the National Institute of Standards and Technology