University Firewall FAQ: General

Visit the University Firewall service page


What is the University Firewall?

The University Firewall is an automated security tool used to filter out known malicious network traffic. Malicious network activity is designed to exploit vulnerabilities in devices connected to Penn’s network, allowing others to gain unauthorized access to, and control of, your devices and the information they hold.

The University Firewall permits Penn to quickly, consistently, and broadly defend against attacks that could result in in the destruction, alteration, and disclosure of confidential University data.

How do you know what to let in, and what to keep out?

The University Firewall is maintained by a team of Penn network administrators and security specialists who ensure that the list of identifiable threats being blocked by the Firewall is kept current, based upon trends in real-time network activity around the globe, threat reporting from authoritative third-party sources, and a thorough examination of known attack vectors.

The actions of the team are guided by a governance group containing representatives from Schools and Centers across the University.

Are you blocking or censoring certain types of content?

No. The University Firewall is not designed to inspect the semantic content of any network traffic, and upholds Penn’s commitment to open expression and electronic privacy. Instead, it is focused on protecting against certain categories of functional threats (such as seizing control of your computer from a remote location) that can compromise devices connected to Penn’s network.

How will I know if the Firewall is preventing me from seeing a website?

You will receive a message in your web browser stating that the web page you are trying to view has been blocked by the University Firewall. (Click to see how this message looks.)

If you are having trouble connecting to networked resources outside of Penn using tools other than web browsers, contact your Local Support Provider (LSP) for help in identifying the root cause of your connectivity issue.

Doesn’t my part of campus already have a firewall?

Possibly. Some Schools and Centers at Penn have deployed local firewalls designed to protect a specific group of assets within the University network. The University Firewall is configured to protect “at the border,” at a network transmission’s first point of contact with any protected portion of the entire Penn campus network. If your School or Center has also activated a local firewall, you may be receiving an additional set of protections that support your organization’s specific needs. Your Local Support Provider (LSP) can provide clarification about your particular situation.

Are my connectivity issues related to the Firewall?

It’s highly unlikely. Because the University Firewall is designed to block identified threats, your actions on the network would remain completely unaffected by the Firewall unless they would bring you into contact with a verified threat source. As always, your Local Support Provider (LSP) remains the best source of information about your particular connectivity issue when you are using the campus network.

Will the Firewall interfere with my access when I’m off-campus?

It should not. The University Firewall is designed to block incoming and outbound network traffic which has been reliably identified as a known threat, such as traffic originating from malicious hosts in remote locations or traffic from Penn hosts attempting to reach malicious off-campus hosts. The devices and hosts you use to conduct your Penn-related activities while you are away from campus are extremely unlikely to be among the sources of malicious activity that the Firewall blocks from campus.

The recommended practice of using only known, secured networks to conduct University-related activities while away from campus also helps ensure that your access to University assets remains unaffected by the Firewall.

Will the Firewall interfere with my research?

The University Firewall is constructed in alignment with, and in support of, Penn’s academic mission. Because the Firewall is not designed to inspect the semantic content of any network traffic, it does not restrict the open exchange of ideas and information.

In exceptional cases where the work of Penn researchers requires direct contact with known sources of technical threats to the campus network (e.g., computer security research), or relies upon high-performance computing that may be affected by the Firewall, a researcher can initiate a request for network arrangements outside the University Firewall. Should you need these arrangements, speak with your Local Support Provider (LSP) to learn more about how to proceed.

Will the Firewall protect me from computer viruses?

It is ill-advised to rely upon the University Firewall for comprehensive virus protection. The University Firewall is designed to block known threats that employ the campus network at the very moment their attacks are being carried out. Many computer viruses and other malware remain dormant or encrypted while they are being spread, actively attacking infected devices at a later point in time.

It is also possible to acquire computer viruses when your device operates outside the University Firewall. While the Firewall may allow Penn to identify network traffic to malicious host sites from our campus, it is by no means designed to detect or report all compromised devices.

To protect your devices against viruses, malware, and other forms of transmissible compromise, speak with your Local Support Provider (LSP) about antivirus tools and best practices.

What happens if an infected device is brought inside the Firewall?

The University Firewall is set up to block known threats from traffic to and from the Penn campus network. It is not designed to examine individual devices within the campus network and assess whether those devices have been compromised, nor is it designed to examine all traffic within the Penn campus network. If an infected device is connected to the campus network, the potential remains for that device to infect other devices on the campus network.

Although the Firewall will identify when devices connected to the campus network attempt to connect to malicious remote sites, these connection attempts may take place weeks, or even months, after those devices have been compromised. In the interim, the malware that initially compromised those devices can continue to rapidly and silently spread.

Speak with your Local Support Provider (LSP) about tools and best practices for detecting and protecting against the compromise of any device you use to conduct University-related activities.

If we have a firewall, why am I still getting junk emails?

The University Firewall is not designed to inspect the semantic content of any network traffic, and thus cannot categorize individual emails based upon their subject matter. If you feel you are receiving too much irrelevant email in your Penn email account, speak with your Local Support Provider (LSP) about available options for filtering your email content.