Firewall Maintenance

Important: All ITS staff who have requested a firewall change must be online between 5 a.m. to 8 a.m. on the scheduled maintenance date to actively test the firewall changes. Exceptions to this rule will require formal approval. Review the exception process for ITS and Unit IT firewall changes.

Firewall maintenance (e.g., additions, modifications, deletions to firewall rules) will be performed between 5 a.m. to 8 a.m., Monday thru Friday by ITS Network Security Operations staff.

We have established the mandatory maintenance window to ensure the availability of ITS services. This change is an industry best practice and is consistent with many other large universities and major industries. Over time, ITS intends to develop automation techniques that will enable carefully orchestrated business day changes.

To assist units in their firewall requests, the ITS Network Security Operations team will:

  • Assign staff members between 5 a.m. to 8 a.m. each weekday to execute planned changes.
  • Schedule time to partner with Unit IT staff on requested changes to iterate and test during the daily 5 a.m. to 8 a.m. maintenance window.
Note: If units choose to test during business hours, all requested modifications will have to wait until the next business day’s maintenance window.
  • Use business hours to plan for the next business day’s firewall changes and work with Unit IT and ITS firewall partners as needed.

Note:

  • The cutoff for submitting firewall requests to be completed on the next business day is 3 p.m.
  • ITS Network Security Operations staff will develop standard documentation for requested unit firewall changes and rules. They will document the plan and share it with Unit IT partners to confirm all requirements and rules are accurately captured. This documentation should decrease the potential for error and minimize the need for testing and iterating.