VCEA IT Network Maintenance – Change to Inbound network access from off campus – March 09, 2022 – EECS Network

March 8, 2022

*** This change will impact all computers within the IP range of 69.166.48.1 to 69.166.49.254. ***

We don’t anticipate this change affecting many of you as most of you have switched over to using the WSU VPN for your connections to your systems. If you are hosting an application or service on your system – AND – need to reach it without having to use the WSU VPN – AND – don’t already have a firewall rule in place, please reach out to us ASAP so we can discuss your situation. All of the ones that we are aware of have already been converted to using the WSU VPN or have the exception in place. Like I said…. We don’t expect this to impact many of you, but we want to warn you anyway.

The reason we’re doing this is because we see thousands of intrusion attempts hitting our network daily….. DAILY! We want to keep all of your systems, data and our network safe from these attempts.

Please send an email to support.vcea@wsu.edu, or fill out a ticket at https://support.vcea.wsu.edu if you have any questions.

To keep pace with WSU’s evolving security policies, we will be changing the default ability to contact machines on publicly routable IPs from off campus. This change will impact all computers within the IP range of 69.166.48.1 to 69.166.49.254.

It will only impact those computers, only in the inbound direction, and only on ports **other** than http or https (tcp ports 80 and 443).

Until May 11^th (the day after grades are due) we will continue to allow http and https from off campus inbound to the machines in the network listed above by default. After May 11^th you will need an exception to run a publicly accessible (i.e. off campus without WSUVPN) web server on your computer if you are in the above network.

All machines listed above will still be able to get out from campus (i.e. if you sit down to one of those machines and open a browser you will still be able to get to off-site resources such as google, etc.)

Anything hosted on the above machines other than http/https will still be reachable from all WSU networks and the WSUVPN.

See below for further details.

Please forward this notice to EECS faculty and Staff

———————————————-

Maintenance Info

POC: VCEA Systems Team

What: Change in network posture for 69.166.48.0/23 on the firewall from default allow from off campus to default deny from off campus other than ports 80 and 443

When:

Start: Wednesday March 09, 2022 18:00 PT (6pm Pacific)
End: Wednesday March 09, 2022 18:15 PT (6:15pm Pacific)

Affected resources: Any faculty hosting servers/services on their computer other than http/https

Affected users: Any faculty hosting servers/services on their computer other than http/https. Any other higher ranking exceptions or existing blocks should remain in place, if they exist.

Notes: Based on current network scans, by excluding http/https from this procedure, there should be few, if any faculty impacted by this change.

If users encounter problems with services after the maintenance window is over, they should contact the VCEA Helpdesk online at support.vcea.wsu.edu, by email at support.vcea@wsu.edu, or by phone at (509)335-6773.