Montgomery County Library & Information Network Consortium






This policy explains how and why MCLINC restricts access from and to the Internet.  All inbound and outbound access to and from MCLINC is controlled at the perimeter gateway, also known as the firewall.



Due to the volume of business, number of users, and security concerns MCLINC policy restricts access from public workstations across non-standard HTTP (Hypertext Transfer Protocol) ports for the public.  Standard Internet ports are open to all users without restriction at the firewall.  Ports open without restriction include 80, 8080 and 443.


The number of malicious attacks on networks from the Internet is escalating.  MCLINC is charged with protecting the network from such attacks.  A single attack has the potential to debilitate the software on 700 machines, and the potential to damage or destroy the library database that is the heart of MCLINC’s service to the public.


To safeguard against malicious attacks, or attempts, MCLINC has adopted a stringent security policy on its perimeter, which is managed at the MCLINC firewall. Attacks typically target network vulnerabilities associated with specific ports.   Since most Internet browsing can be accomplished across standard HTTP (hypertext transfer protocol) ports (e.g. port 80), non-HTTP ports are closed on the firewall and not accessible to the public.


The Board of Directors recognizes that some library users will expect to access remote servers via ports that are not traditional HTTP ports, and that it may not be immediately apparent to the user why he or she is unable to connect.  To verify whether MCLINC has placed restrictions on particular ports, the public is invited to email for clarification.




Adopted July 16, 2004