/
Firewall Rule Request Process

Firewall Rule Request Process

Overview

This article outlines the purpose and standardized process for requesting new or modified firewall rules on the college network perimeter. All firewall changes are subject to a formal review process to maintain network security and compliance.

Purpose of the Firewall Rule Request Form

The Firewall Rule Request Form provides the required governance mechanism for vetting and approving all firewall access changes.

Its goal is to maintain the integrity and security of the college network by:

  • Enforcing the principle of least privilege.

  • Ensuring regulatory compliance (e.g., PCI, HIPAA, FERPA) is met.

  • Formally managing and documenting the institutional risk associated with opening network ports.

The Firewall Rule Request Process

All requests follow a mandatory four-step approval and implementation workflow:

Step 1: User Submission

The requester (user, faculty, or staff) submits a formal Firewall Rule Request Form detailing the specific access required, including source/destination IP addresses, required ports, and the business justification.

Step 2: Networking Review and Validation

The Director of Networking and Service Delivery reviews the rule parameters with the requester. This step ensures that all collected information is accurate, the technical details are correct, and the underlying need for the access is clearly understood.

Step 3: Security Assessment and Decision

The Chief Information Security Officer (CISO) reviews the request. The CISO will conduct a formal risk assessment and either approve or deny the rule based on:

  • The overall campus security posture.

  • Relevant regulatory compliance requirements.

  • The college's established risk tolerance.

Step 4: Implementation and Notification

Once the rule is approved, the Networking team implements the rule on the firewall. The user is then notified of the final decision and implementation status via an update to the associated Tracker ticket.

Please contact the ITS Service Center at help@fredonia.edu or (716) 673-3407 if you need further assistance.