New Firewall Rules Workflow

Introduction

This article describes the activity flow when a New Firewall Ticket is submitted. The workflow allows the IS Data Center and Enterprise Systems groups to quickly serve the customer and then provides a process for the Information Security Office (ISO) to do an after the fact audit of the new rules and take remediation actions if necessary.

Estimated Time to Complete

Reviewing this guide will take no more than five minutes

Vocabulary

Term Definition
Automation Rule Automation rules are defined criteria (or rules) that are evaluated at ticket creation, if the automation rule criteria are satisfied, pre-configured automation actions are carried out on the ticket. These rules only apply at the time of creation and do not impact ticket editing, commenting or updating.
Primary Responsibility Group or individual who has primary ownership of the ticket, and is ultimately responsible for the ticket completion. Note: the Responsible field on the ticket specifies the primary responsibility.
Task Responsibility Group or individual what is responsible for completing a workflow task on a ticket.
Web Service A web service is TeamDynamix provided tool to provide automated API calls to update/modify ticket attributes.
Workflow A ticketing workflow is a series of orchestrated and repeatable actions that can be assigned to a ticket.
Workflow Task A workflow task is a specific piece of work, created by a workflow step, and assigned to a specific individual or group.

Special Concepts

Please Note: Workflows and Primary Responsibility are often assigned at ticket creation by automation rules, but can be changed by updating the ticket.

Steps

The following images specifies the workflow activity and responsible groups for creation of a new firewall rule:

  1. Ticket Creation
    1. Using automation rule (#4031) TeamDynamix assigned the primary responsibility to the IS - Enterprise Systems group
    2. The ticket status is changed to In Process by a web service method.
  2. Firewall Configuration Tasks (these tasks are sequential)
    1. IS - Data Center Engineering group is assigned Configure Network Firewall rules task
    2. IS - Enterprise Systems group is assigned Configure Host Firewall rules task.
    3. IS - Enterprise Systems group is assigned Test New Firewall rules task.
  3. Notifications and Review Task (these tasks are done concurrently and automatically)
    1. Customer is notified via email
    2. Information Security Office is notified that the firewall rules have been completed and a review task has been generated.
    3. Information Security Office is set as the Primary Responsibility for the ticket.
    4. A Review Firewall Rules task is created and the Information Security Office is assigned the responsibility.
    5. The ticket is closed
  4. Information Security Office Audit
    1. Using the ISO internal processes, audits the changes, and then marks the Audit Firewall Rules changes complete.
    2. If the rule changes pass the audit, no further action is required.
    3. If the rule changes DO NOT pass the audit, the ISO will re-open the ticket, complete the remediation of the rules, and close the ticket.

Firewall rule workflow

Dashboard

To support the audit of the tickets, the ISO will be sent a periodic email, with an attached spreadsheet listing newly closed firewall tickets that need auditing.

The Firewall Ticket/Tasks dashboard (which is deployed to all the involved groups) has three reports:

ISO Firewall Dashboard (in TDNext)

  1. ISO Firewall Ticket Audits
  2. Historical listing of all open firewall rules tickets
  3. Ticket count, by status, of open firewall tickets

Conclusion

The objective of this workflow is to ensure that customers receive timely resolution to their requests for new firewall rules and also provides for the after the fact, audit of new rules. The audit then gives the Information Security Office the ability to remediate any issues with the newly established firewall rules.

Details

Article ID: 94244
Created
Wed 12/11/19 10:57 AM
Modified
Mon 11/14/22 11:30 AM