Check our KB

Manage rule modification requests

This topic describes how to manage a rule modification request using the default workflow.

For more details, see Rule modification workflow.

Do the following:

User type	Step	Reference
Any privileged user	Create a change request using the 145: Rule Modification Request template.	Request changes
Drop action requests
Network operations user	Search for change requests whose traffic will be blocked by the "Drop" action.	Find related change requests
Network operations user	Notify the requestors of these change requests that the traffic is slated to be blocked. FireFlow sends an email to the selected requestors. The requestors have until the change request's due date to respond.	Manage requestor notifications
Requestor	Respond via email message or via the requestors web interface.	Respond to change requests
Network operations user	Do any of the following: Re-notify the requestors. View responses received from requestors.	Manage requestor notifications
Allow action requests
Information security user	If the change request includes an "Allow" action, FireFlow initiates a risk check, to determine whether implementing the change specified in the change request would introduce risks.	Examine risk check results
Information security user	Do one of the following: Approve the change request and send it on to the next stage. FireFlow creates a work order that consists of a list of recommendations for implementing the requested change. Reject the change request. The change request returns to the Plan stage, and you can perform initial planning again. Reject and close the change request. An email message is sent to the requestor, indicating that the request is denied. The change request's lifecycle is ended, and no further user action is required.	Approve planned changes
Network operations user	If the rule has changed while the change request was being processed, Re-Plan the change request.	Re-plan a rule modification request
Network operations user	Edit the work order.	Edit work orders
Network operations user	Implement the requested changes on the security device according to the work order, by using the relevant management system (for example, Check Point Dashboard or Juniper NSM) to implement the changes.	Implement changes
Network operations user	FireFlow initiates validation of the implemented device policy changes against the change request.	Validate changes
Network operations user	If validation indicates that the specified rule was modified, resolve the change request. If validation indicates that the specified rule was not modified, re-initiate the Implement stage and repeat change validation until the change is successful.	Resolve or return change requests

Did you find this helpful?
Yes No

Sorry about that

Why wasn't this helpful? (check all that apply)

Couldn't find what I was looking for

Instructions confusing or unclear

Instructions didn't work

Thanks for your feedback!

Want to tell us more?

Shoot us an email. This way we can let you know when we've updated the docs.

Send Feedback

Great!

Thanks for taking the time to give us some feedback.