Network Firewalls: Roles and Responsibilities
OIT staff members are responsible for:
- Designing and maintaining the OIT managed firewall infrastructure
- Provisioning firewalls, based on consultation with customer
- Providing on-going support
- Troubleshooting firewall infrastructure problems
- Troubleshooting firewall related problems as reported by customers
- Providing training to firewall administrators.
Service Gateway MID Members
Service Gateway primary and secondary MID members are responsible for:
- Determining who in their organization are authorized to manage their firewall policies
- Adding removing firewall administrators in their Service Gateway Management Group (MID), along with adding or removing their "Security" rights
- Ensuring that new firewall administrators attend OIT's Central Firewall Training course before they get access to manage their departmental firewalls
- Encouraging students, faculty, and staff affected by their firewalls to contact their support staff should they run into any problems accessing any applications, web sites, resources, etc.
- Support staff should work with those in their department who are authorized to manage firewall policies to troubleshoot the problem before contacting OIT.
Firewall administrators are responsible for:
- Completing OIT's Central Firewall Training course
- Knowing and understanding their environment and applications
- Defining and managing their firewall policies. OIT staff can assist, but are not responsible for defining or managing firewall policies
- Accessing and managing firewall policies via the command line interface or the Fortigate Appliance
- Troubleshooting their own firewall policies before contacting OIT
- Ensuring that the device they use to manage their firewall policies is configured with an IP from the primary subnet, if they are obtaining an IP from a Vlan that contains multiple subnet ranges.
Please note: firewall provisioning should be done during the regular business hours of 8 a.m. and 5 p.m.