Question OFID-02
Are you utilizing a host-based stateful packet inspection (SPI) firewall?
| Weight | 20 |
| High Risk | No |
| Required | Yes |
| Compliant Answer | Yes |
Standard Guidance
EDUCAUSE provides no guidance here
Answering "NO"
Describe any plans to implement a SPI firewall.
Answering "YES"
Describe the currently implemented SPI firewall.
Reason for Question
The use case, vendor infrastructure, and types of services offered will greatly affect the need for various firewalling devices. The focus of this question is integrity, ensuring that the systems hosting institutional data are limited to need-only communications.
Follow-Up Inquiries
Ask the vendor about available controls to compensate for the lack of a SPI firewall. Ask the vendor for their recommended best practice(s).
HECVAT Pro Advice
[Add expert insights and best practices]
Implementation Tips
[Add practical steps for SME SaaS vendors]
FAQ
[Add common questions related to this HECVAT item]
Resources
[Add links to relevant articles or tools]