Provisioning New University Firewall Service
If you would like to provision the University Firewall Service for your departmental network or administrative network/application/service, please use the following guideline to prepare for your request.
- Please identify the following requirements:
- IP space and VLAN of existing network to be firewalled
- Desired firewalled network/project name, ex: “Math Department”.
- Identify individuals to be designated as application owners and rule delegates:
- Application Owners - Individuals (minimum of two) identified as the business owners of the network.
- Rule Delegates - Individuals (minimum of two) identified as having sufficient technical expertise to review and approve submitted firewall rule changes as well as maintain current ruleset.
-
Desired firewalled rules
-
Default Template Rules - The Default Template is a tool that pre-defines rules using host groups for some of the most commonly found services on campus, including ssh, http/s, smtp etc; LNAs or local support staff need only to identify the source addresses that can access their local resources (destination addresses). The default policy template is available, for review, in Excel and PDF formats. LNAs are asked to download and complete the Excel version of the default policy template, for submission of rulesets. Please note that the Default Template is required if using the NetDB Automation service.
-
Custom Policy Rules - Any required firewall service that will not be covered by the Default Template is considered a custom policy.
-
- Please identify any optional services:
- Once you have determined the preceding requirements, complete the Firewall Service Request form for a new firewall project, which will be submitted via Service Now.
