Denial of Service Protection (SC-5)

| Show Notes
Created August 12, 2016
Revised September 1, 2016

Description

The purpose of this Control is to prevent or mitigate denial of service attacks on University networks.

Applicability

This Control applies to all Texas A&M network information resources. The intended audience for this Control includes all information resource owners and custodians.

Implementation

1

Each university unit managing a network shall establish a security strategy that includes perimeter protections (e.g., DMZ, firewall, intrusion detection or prevention system, or router) and incorporates:

1.1

monitoring for denial of service attack,

1.2

configuration settings at the network layer to combat such attacks, and

1.3

maintaining logs of all network activity.

2

Units shall operate firewall technology with procedures and guidance from the Texas A&M IT security operations.

2.1

The Texas A&M IT security operations staff are authorized to disconnect users from the University network if these procedures are not followed.

3

Texas A&M IT security operations staff are responsible for managing the campus firewall and may provide specific guidance and procedures to units in the following areas:

3.1

Virtual and physical architecture;

3.2

Protocols and applications that are permitted through the firewall, both inbound and outbound;

3.3

Traffic monitoring rule set;

3.4

Approval process for updating or changing rule sets; and,

3.5

Auditing and testing to verify a firewall’s configuration, rule set accuracy, and effectiveness.