Blocking inbound internet traffic to wireless starting April 25

WHAT ARE WE DOING?
As part of our ongoing effort to optimize computer security at the laboratory, Computing will block inbound Internet traffic to our wireless networks with the exception of services listed below. The wireless subnets contain a large number of devices from personal laptops, to mobile phones, to television and other media devices. Many of these are intended for a home network and do not contain any local access controls making them vulnerable to security breaches.

WHEN WILL THIS OCCUR?
Monday, April 25, beginning at approximately 6 a.m. Central

WHAT IS THE IMPACT TO YOU?
Normal use of the wireless networks, such as Web browsing, would not be impacted. The following inbound ports and services will also not be impacted:
Port Service Proto Comments
22 ssh tcp SSHD exemption
2105 eklogin tcp Kerberos Encrypted Login
4172 PCoIP tcp VDI
4172 PCoIP udp VDI
5060 sip tcp Soft Phone
5061 sip-tls tcp Soft Phone
6000 Xterm tcp Xterminal
32111 USB Redirection tcp VDI
50002 PCoIP Display tcp VDI
50002 PCoIP Display udp VDIv

WHAT DO YOU NEED TO DO?
If you have a server on the wireless subnets affected by this block, please submit a Service Desk ticket at http://servicedesk.fnal.gov or by calling x2345 indicating you need to migrate to the wired subnets.