A firewall is a part of a computer system or network that is designed to block unauthorised access while permitting authorised communications. It is a device or set of devices that is configured to permit or deny network transmissions based upon a set of rules and other criteria. (Source)
A protocol is the agreed-upon format for transmitting data between two devices. The protocol determines: a) what type of error checking will be used, b) how to indicate that the data has been sent by the sending device, and c) how to indicate that the receiving device has received the data. There are a number of different protocols, but commonly used web protocols are FTP, HTTP and HTTPS.
The firewall rules are implemented as per the Perimeter Firewall Policy, i.e. with a default Deny all setting that blocks all incoming protocols (inbound connections). Access to the UCT network from the internet will need to be explicitly permitted through the perimeter firewall rules.
Connections from the UCT network to the internet (outbound connections) will not be blocked except for known security vulnerabilities to address organisational risk and to enforce bandwidth management mechanisms.
You will not be affected by UCT's perimeter firewall if you...
- surf the internet, typically browsing publicly accessible web sites.
- access the UCT network via the UCT Virtual Private Network (VPN) service. Users of the VPN will not be affected by the firewall rules and do not need to apply for firewall exception rules. (See: Virtual Private Network service)
You will be affected by UCT's perimeter firewall if you...
- manage a service that offers access from the internet into UCT (inbound) e.g. an email server, web server, database server, etc
- access services that are hosted outside of UCT (outbound) that use ports that have been explicitly denied (See: Currently blocked ports on the UCT perimeter firewall)