Network Firewall - Ruleset Change Procedure for the DoIT Staff Network Firewall

This document explains the ruleset change procedure for the DoIT Staff network firewall.

Scope

This change procedure applies to the DoIT Staff network firewall. Changes to the network firewall require approval from your manager.

Requesting Support for Network Problems

Contact DoIT Support for support with DoIT Staff network issues. Situations that truly require a firewall exception are rare. If you believe that you have one of those situations DoIT Support will help you through the change procedure.

Requesting a Change to the Network Firewall Ruleset

  1. Work with DoIT Support to collect the following information necessary for a change request:
    • Server Name
    • Type of Rule: Allow or Deny
    • Source and Destination IP addresses
    • Source and Destination Ports and Protocols
    • The reason why this change is needed
  2. Send a request to your manager requesting an exception to network firewall ruleset. If your manager approves the request, they should forward it to DoIT Support.
  3. DoIT Support will review the request and work with the Office of Cybersecurity to provide feedback if required
    • If DoIT Support has questions about the request it will be sent back to you. It can be resubmitted with modifications or appealed.
      • Appeals can be made through your director, who will work with DoIT Support and the Office of Cybersecurity to resolve the issue. If the issue cannot be resolved by your director and Cybersecurity, final authority rests with the CIO's Office.
  4. Once requests are approved, DoIT Support will fulfill the request and contact you with an update.

The Office of Cybersecurity will periodically review the firewall rulesets for need and appropriateness.




Keywords:virtual tech lab vtl network firewall ruleset rules change procedure doit staff fwsm csa vlan 644 301 300 299 298 295 297 292 291 274 fx-13 fx13 fx-14 fx14 fx-15 fx15 fx-16 fx16 fx-17 fx17 fx-18 fx18 fx-19 fx19 fx-20 fx20 fx-21 fx21 fx-23 fx23 host cisco csa 6 csa6 security agent windows win rule set procedure change modify add sep symantec endpoint protection local changes   Doc ID:5620
Owner:Chris P.Group:DoIT Departmental Support
Created:2007-03-25 19:00 CDTUpdated:2020-05-07 11:41 CDT
Sites:DoIT Departmental Support, DoIT Staff, Network Services, Office of Cybersecurity, Systems & Network Control Center, Systems Engineering
Feedback:  0   0