Some systems and devices on the Johns Hopkins internal network require external internet visibility. Please allow 2-3 business days for completion of these steps before access is provided for your system.
All new requests for Internet visibility through the JH Internet firewall must be submitted to Cloudrequests@jhmi.edu. Requests must come from an active Johns Hopkins faculty or staff member using a JH provided email account and must include the following information:
The Virtualization Team will verify that the 18.104.22.168 subnet is trunked to your cluster, if not presnet they will submit a request to JHNetworking to have thta subnet trunked to your cluster.
Electronic Information classification for your system must be provided - identify whether your system contains Restricted (Confidential or Internal Use Only) or Unrestricted information. For definitions, see http://www.it.johnshopkins.edu/policies/itpolicies.html#Classification
ii. Internal Use Only
Your Internet accessible system must be registered in the Information Technology@Johns Hopkins (IT@JH) Configuration Management Database (CMDB) in order to proceed with your request. Registration information should be sent via email to email@example.com and must include:
After JHNIS has verified that your data has been classified and the system has been registered in CMDB, your internal system must be scanned for system vulnerabilities in order to provide or maintain visibility through the JH Internet firewall. JHNIS will run this scan for you, and the scan should take approximately one hour to complete. Some customers prefer that the scan be run while they are available to monitor the system, so you can choose when the scan is to be run.
The vulnerability scan results must have no vulnerabilities with a severity of "Critical" or "High" in order to process your request. Vulnerabilities that are rated "Critical" or "High" expose risk to the system and the JH network to which it is connected. These vulnerabilities are often easily remediated by applying vendor software patches or configuration changes. This remediation information is typically included in the report that identifies the vulnerabilities, which you can use to remediate your system. IT@JH reserves the right to refuse Internet visibility to any internal JH system should it pose a significant risk to the confidentiality, integrity, or availability of JH systems or networks.
Once any "Critical" or "High" vulnerabilities are remediated, notify Network Security staff so that they can re-scan your system. If these vulnerabilities cannot be remediated, consult with Network Security to determine what options are available for Internet visibility.
If you require an external DNS name/IP address registration for your system, you must send that request via email to firstname.lastname@example.org after your external IP address has been assigned and provided to you by JH Network and Information Security.
When you are notified that your system has been granted internet visibility, please test external access to make sure all resources and services are available as requested.