Skip to content Skip to site navigation

University Firewall Services Roles & Responsibilities

Application Owner Responsibilities:

  • Request new firewall resources (new firewall, additional zones, additional services).
  • Request consulting if/when necessary from the Information Security Office.
  • Request and approve firewall requests for both application specific and template rules.
  • Assign hosts to a security zone.
  • Manage the membership of a security zone & manage growth and moving hosts into or out of a zone.
  • Request removal of firewall rules for hosts that are being decommissioned.
  • Provide host name suggestions to System Administrator for use in NetDB.
  • Designate roles for staff (firewall application owner, firewall rule delegate).

System Administrator Responsibilities:

  • Request switch ports for hosts based upon Application Owner designating security zone & send an email to firewall-team@lists.stanford.edu.
  • Request cabling of the host to switch.
  • Assign IP addresses in NetDB for firewall hosts.
  • Assign unique names to each IP in NetDB in order to avoid confusion when rules are applied. This is critical when hosts move within the firewall architecture so that rules are not placed against the wrong IP address.
  • Ensure that NetDB name changes for hosts behind a firewall are emailed to firewall-team@lists.stanford.edu.
  • Request appropriate template rules for your host (linux, windows, etc).
  • Request appropriate custom template rules for your host if known.

Database Administrator:

  • Request the appropriate and necessary firewall rules.
  • Request the necessary SUNAC access for DBA(s).

Hosting Services:

  • Install hardware in racks.
  • Install network cabling between hosts and switches and other infrastructure devices.
  • Resolve cabling conflicts and issues.

Information Security Officer:

  • Provide optional consulting.
  • Provide input and guidance for template rule creation and updates.

Project Manager:

  • Provide assistance in achieving the project goals and ensuring that progress is being made.

Business Partner:

  • Coordinate with client and all parties to ensure that the client experience is satisfactory.

Firewall Engineer/Team:

  • Primary contact within the Firewall Team for this project.
  • Work within the project may be completed by a different team member.
Last modified March 10, 2023