Re: Firewall Changes through Change Management

["King, Ronald A." <raking () NSU EDU>]

We have voted minor firewall updates as routine changes. Updates that have changes to behavior have to be reviewed and 
approved by the Change Advisory Board (CAB). Policy/rule changes are done as needed, but, we review the changes monthly.

Ronald King
Director of OIT Security

With Office 365, you can report a message as phishing or junk. Using Outlook in a web browser or the mobile Outlook 
app, start by clicking/tapping "Junk/Report Junk!"

Office of Information Technology
(757) 823-2916 (Office)
raking () nsu edu<mailto:raking () nsu edu>
www.nsu.edu<http://www.nsu.edu/>
@NSUCISO (Twitter)
[NSU_logo_horiz_tag_4c - Smaller]

From: The EDUCAUSE Security Community Group Listserv <SECURITY () LISTSERV EDUCAUSE EDU> On Behalf Of Bryan McClenahan
Sent: Tuesday, May 4, 2021 10:58 AM
To: SECURITY () LISTSERV EDUCAUSE EDU
Subject: Re: [SECURITY] Firewall Changes through Change Management

CAUTION:  This email originated from OUTSIDE of the organization. Do not click links or open attachments unless you 
recognize the sender and know the content is safe!
We have border firewall changes follow our change management process.

It lets customers know when their changes will be made, and it protects the employees performing the changes on the off 
chance something goes wrong during the change causing any outage.

-b


On May 4, 2021, at 7:42 AM, Kimmitt, Jonathan <jonathan-kimmitt () utulsa edu<mailto:jonathan-kimmitt () utulsa edu>> 
wrote:

Hi all,

  We are in discussions of how to include border firewall changes in the change management process…..

Whether to require change management for any rule changes, and conduct during our weekly maintenance windows…..  or 
open it up and allow changes anytime during the week as is requested by Networking/Systems….

I was curious to how other .edu’s do it in their environments?

-Jonathan



~
Jonathan Kimmitt
CISSP, FIP, CDPSE, CIPP/E, CIPM, CIPT,
OTCP,GLEG, GPEN, GSNA, PCIP, CEH
Chief Information Security Officer
Information Technology
The University of Tulsa
jonathan-kimmitt () utulsa edu<mailto:jonathan-kimmitt () utulsa edu>
918.631.2743


**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at 
https://www.educause.edu/community<https://urldefense.com/v3/__https:/www.educause.edu/community__;!!MLMg-p0Z!Q8X9cURVT9QLDDgKJV2rARWoB_9u-FPNDggCRwmgOWIF3_L4eyngKlbjrFl_hZPMqg$>

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community

**********
Replies to EDUCAUSE Community Group emails are sent to the entire community list. If you want to reply only to the 
person who sent the message, copy and paste their email address and forward the email reply. Additional participation 
and subscription information can be found at https://www.educause.edu/community