Versions Compared

Old Version 4

changes.mady.by.user Emerson David

Saved on

compared with

New Version 5

changes.mady.by.user Emerson David

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  • This time there are four responsible parties: Requester, Desktop Services, Firewall Policy Group, and the Firewall Gatekeeper.
  • The Requester submits the request as before, except s/he is now allowed to tell us whether if the request is URGENT. If it is, we expedite the process. If not, we go through the process as normal.
  • The Desktop Services group will field all requests instead of the Firewall Policy Group. We want whoever receives the request to check if the firewall modification being requested is already in effect. If so, disapprove the request. The Requester will then get notification. Also if the request is URGENT, forward the request straight to the Firewall Gatekeeper to make the firewall modification. Otherwise, forward the request to the Firewall Policy Group.
  • The Firewall Policy Group will review all normal requests and, upon approval, forward the request to the Firewall Gatekeeper. This group will review all URGENT requests after the Firewall Gatekeeper has fulfilled them.
  • The Firewall Gatekeeper performs the actual modification of the firewall. As far as the process goes, all the gatekeeper will do is acknowledge the request and implement the modification to the firewall. Once the modification is complete, the gatekeeper will forward the request onward. We say "onward", because the gatekeeper is not routing the request to anyone per se. Behind the scenes, if the request is URGENT, then the request gets routed to the Firewall Policy Group. Otherwise the process is finished and the Requester gets a notification (and maybe all the other responsible parties too).
  • To complicate things further, if the Firewall Gatekeeper modified the firewall based on an URGENT request, and the Firewall Policy Group decides to disapprove the request after the fact, then the request goes back to the gatekeeper to reverse the firewall modification.
  • We documented the Review Non-Urgent Request and Review Urgent Request as subprocesses because there is the potential for the Firewall Policy Group to have continuous correspondence with the Requester. We'll address these in an Advanced Advanced tutorial.

The Request Details

As part of the process, the Firewall Policy Group requires that anyone who wants the firewall rules modified must provide the following details:

...