Topics Map > •Security & Safe Computing > -Security Procedures

Procedure for Firewall Change Request Review

This procedure outlines the process for data analysis of the Firewall Exception Request Service that is to be conducted periodically by ITSO.

The Firewall Exception Request process operated by NDC&FP and ISO is to be reviewed periodically 3-4 times per year to ensure that the service is meeting the stated goals.   The process for requesting a firewall exception requires information supplied by the requester, review, and approval for technical implementation by ISO and execution by NDC&FP.  The stated goal for ISO is to complete the review and approval process in 10 business days or less.  The defined metric is extracted from the ticketing system which collects data from an online form.  If any of the required fields are missing, incorrect, or lacking information or the request is awaiting a response from the requester, this can cause the service response to be inaccurate.

Procedure:

  1. Login to https://help.rice.edu
  2. Click on new search, then in the query editor select Advanced
  3. Use a modified SQL query to request tickets for your desired review date.
    1. Example: (Content LIKE 'Destination Impact Score: High' OR Content LIKE 'Source Impact Score: High') AND Created > '2016-05-14' AND Queue = 'IT: Security / Maintenance' AND Subject LIKE '[docs] [firewall]' AND  Status = 'resolved' to request all resolved tickets that have a High Impact Score after 5/14/2016 from the ISO Maintenance Queue with a subject beginning with '[docs][firewall]'
  4. Export the results in an XLS format for import into Excel or a database
  5. Create a column called Business Days to completion
  6. In the new column subtract the CF-Last_Correspond_Time from the Created column to estimate the days the ticket was open.
  7. For all tickets > 10 business days (days are in calendar days, you will need to adjust by subtracting 2 days every 7 for weekends) identify the approval date by ISO and correct the CF-Last_Correspond date by replacing its value with the day the ticket was released by ISO.
  8. For all tickets with a value greater than 10 evaluate the reason the ticket languished and record for review
  9. Calculate the percentage of tickets closed in 10 days or less  =1-COUNTIF(<values from Business Days to Completion Column,">11")/<number of tickets>
  10. If the percentage of tickets is < 95% the SLA was violated.


Keywords:
Security, Firewall, Procedure 
Doc ID:
77236
Owned by:
Dan H. in Rice U
Created:
2017-10-09
Updated:
2023-03-30
Sites:
Rice University