Firewalls defend computers and systems from viruses and other security threats. The UCSD Minimum Network Connection Standards require firewall and antivirus protection for any device connected to UC San Diego's network. Regular backups and security patch updates also help protect your system.
How firewalls work
Packets, or bits of information, constantly travel over the network and can contain harmfulmessages that compromise a system's normal operation. "Host-based" firewalls control incoming and outgoing network traffic on individual machines (or "hosts"). These firewalls check each packet's source, destination address, port, type, etc., and then determine whether to allow them into the machine.
A basic firewall setup either comes with your operating system or through a third-party purchase, and allows normal computer use for most users on campus. Hosts with more complex protocols may need advanced configuration. Even if your department uses hardware firewalls, additional host-based firewalls help. In either case, firewalls log activity for inspection, warn of harmful activity, or prevent malicious software from attacking other network devices.
UC San Diego requirements for setup
Host-based firewalls that connect to UC San Diego's network must allow incoming Internet Control Message Protocol (ICMP) or echo requests. IT Services' Security team must be able to communicate these requests with your machine if they suspect malicious software has infected it. All firewall instructions include directions for enabling ICMP or echo requests.
Not all firewall exception requests are harmless. After you set up a firewall, viruses and worms may prompt you to allow their connections. Firewalls cannot function as effective security tools if configured to accept every request. Before clicking OK, consider whether or not you want to run the requested application on your system.