Nokia-based CheckPoint firewalls are used in IT Services managed data centers to control network access to the computer systems on data center production networks. The CheckPoint firewalls are centrally managed, deployed in pairs, and configured for high availability and effective bandwidth throughput. They currently guard three production subnets in each data center (DMZ, Extranet and Protected). This configuration is meant to allow for optimal flexibility in meeting host security requirements.
Each subnet or security zone is configured with specific firewall rules allowing for specific access to hosts in each zone.
Q: How do I know which subnet or security zone my system or host(s) should be placed in?
A: This is usually determined during a Security Design consult with the SIT Operations team.
This placement determination is based on the security requirements of your particular application, system or host.
The different Data Center firewall zones are described in the Data Center Firewalls web page.
Q: If these firewall appliances failed or stopped working, would my system or host(s) then be vulnerable to unauthorized access?
A: The firewalls are configured in a redundant fashion; if one failed, the other would continue to provide security protection. If both units were to fail at the same time, all access from outside the subnet would be discontinued.
All Nokia CheckPoint firewall related questions, concerns or service requests should be routed to the SIT Operations Team. You can contact them by opening a Helpdesk Ticket directly to the SIT group or by e-mailing the IT Services Help Desk at mcsos@u.washington.edu.
Listed below are links to additional resources related to this subject: