Next Generation Firewall

The Next Generation Firewall (NGFW) is part of the university’s overall information security framework. The NGFW protects university information assets from cyber criminals and stops threats to the network through the application of content inspection, cloud-based threat intelligence, and malicious software analysis. The platform provides consistent protection and enhances the university’s information security efforts.

NGFW allows ITS to increase security and view traffic patterns and analysis for threat mitigation. It also allows real-time analysis and response based on application traffic.

NGFW includes management software capable of operating the NGFW, Palo Alto firewalls, and Wildfire IPS Systems.

Note: University traffic will not be seen by other institutions.

Usage Models

There are three NGFW models:

  • ITS Controlled
    In this model,  Information and Technology Services (ITS) manages and supports the firewall entirely. A best practice security model is applied to align with University of Michigan standards.
  • Unit Controlled
    In this model, units manage and operate their own unit firewall.  Unit IT staff have administrative accounts, access to conversion tools, and best practice guidelines. Any rules and objects are unit created. This provides more control and responsibility.
  • Hybrid Model
    In this model,  ITS maintains top administrative access with an option for unit IT staff to create unique policies. Unit staff and ITS have the ability to run reports, create or delete policies, and ensure best practice security.