Provisioning New Firewall Service
- Please identify the following requirements:
- IP space and VLAN of network to be firewalled
- Desired firewalled network/project name
- Identified application owners and rule approval delegates:
- Application Owners - Individuals (minimum of two) identified as the business owners of the network.
- Rule Approval Delegates - Individuals (minimum of two) identified as having sufficient technical expertise to review and approve submitted firewall rule changes as well as maintain current ruleset.
Desired firewalled rules
Default Template Rules - The Default Template is a tool that pre-defines rules using host groups for some of the most commonly found services on campus, including ssh, http/s, smtp etc; LNAs need only to identify the source addresses that can access their local resources (destination addresses). The default policy template is available, for review, in Excel (link) and PDF (link) formats. LNAs are asked to download and complete the Excel version of the default policy template, for submission of rulesets. Please note that the Default Template is required if using the NetDB Automation service.
Custom Policy Rules - Any required firewall service that will not be covered by the Default Template is considered a custom policy.
- Please identify any optional services:
- NetDB Automation
- Load Balancing
- Once you have determined the preceding requirements, complete the "Provisioning New Firewall Service Form" ( NewFWSvcFORM.doc ) and attach to your HelpSU request.