Please enable javascript to view this page in its intended format.

Queen's University

Firewall Management Service

ITServices provides firewall management services by locating and operating the ITServices standard firewall hardware, currently Cisco, in protected locations within the University.

Getting Started


  • Departments and select organizations associated with the University.

Additional Information:

    • ITServices will:
      • Provide initial consultation and design to determine requirements
      • Advise the Department Contact on baseline and optional rules
      • Provide implementation and transition services
      • Install, configure, and maintain firewall hardware and its prerequisite packages
      • Backup the configuration
      • Provide emergency service for hardware level failures during business hours (see Normal Service Availability Schedule in Service Agreement)
    • Emergency repair includes:
      • Coarse level diagnosis of problem to determine cause
      • Reboot hardware, etc. to resolve resource shortage or deadlock
      • Substitute locally available spare parts
      • Correct minor configuration errors, if applicable
      • Place repair calls with hardware suppliers
      • Respond to and resolve questions about, problems with, and requests for enhancements to the service from the Department Contact. (See Non-Emergency Enhancements in the Service Agreement for details)
      • Provide yearly reassessment of the firewall configuration and infrastructure to ensure the current deployment reflects policy and requirements
      • Provide analysis and reports of firewall log results (use, attack attempts blocked, summaries, etc.) as necessary


    Requirements & Availability:

    Departmental Responsibilities:


    Each firewall request will include the name of a Department Contact who will be responsible for providing direct support to the department users.


    The Department Contact will:

    • Adequately understand network protocols to specify departmental requirements for firewall rules clearly and accurately
    • Manage the department’s firewall requirements to ensure there are no conflicting firewall rule requests
    • Understand implications of access rules
    • Maintain knowledge of firewall host entries
    • Provide local application support if required
    • Provide timely notification for change requests


    • Network segmentation:
      • ITServices can provide additional network segmentation within firewall networks to create additional security zone
      • Additional network segments come with additional configuration and support costs
    • SSL VPN Service:
      • SSL VPN Services are additional cost services that allow for clientless secure connection to services and hosts behind a firewall
      • SSL VPN Services must be tailored to the specific service being offered, and come with additional licensing and support costs

    Help & Support

    Kingston, Ontario, Canada K7L 3N6 613.533.2000