Restricted Protocols & Mitigation / U-M Information and Technology Services

Examples of Protocols to be Restricted

The following are protocols that are not widely used and pose a security risk when publicly accessible. ITS IA will block access to these protocols at the network border in October 2022 (based on unit engagement and feedback, this may be extended).

IRAP Blocking List

While there will be no exceptions provided for off-campus access to these protocols, users can review the mitigation steps below when access is needed.

Mitigation

Behavior changes needed to mitigate the risks of IRAP include the following:

Use of the VPN: Protocols blocked by the IRAP can be accessed using the U-M provided VPN service. This currently requires users to manually start the VPN connection before accessing blocked services. Refer to Getting Started with the VPN for more information.
Use of DirectAccess: Currently, most users of Windows systems managed via ITS MiWorkspace and ITS Platform as a Service can automatically use DirectAccess, which provides VPN-like network access to campus networks, bypassing any of the blocking described in this proposal. Refer to DirectAccess as a Service for more information.