Skip to main content

SC-5 Denial of Service Protection

Description

The purpose of this Control is to prevent or mitigate denial of service attacks on University networks.

Applicability

  • This Control applies to all Texas A&M network information resources. The intended audience for this Control includes all information resource owners and custodians.

Implementation

  • 1 - Each university unit managing a network shall establish a security strategy that includes perimeter protections (e.g., DMZ, firewall, intrusion detection or prevention system, or router) and incorporates:

    • 1.1 - monitoring for denial of service attack,
    • 1.2 - configuration settings at the network layer to combat such attacks, and
    • 1.3 - maintaining logs of all network activity.
  • 2 - Units shall operate firewall technology with procedures and guidance from Technology Services security operations.

    • 2.1 - The Technology Services security operations staff are authorized to disconnect users from the University network if these procedures are not followed.
  • 3 - The Technology Services security operations staff are responsible for managing the campus firewall and may provide specific guidance and procedures to units in the following areas:

    • 3.1 - Virtual and physical architecture;
    • 3.2 - Protocols and applications that are permitted through the firewall, both inbound and outbound;
    • 3.3 - Traffic monitoring rule set;
    • 3.4 - Approval process for updating or changing rule sets; and,
    • 3.5 - Auditing and testing to verify a firewall’s configuration, rule set accuracy, and effectiveness.