Change Control Process for Firewalls

Change is one of the inevitable facts of life we must deal with. Firewall objects and rulesets are constantly evolving in response to new threats, vulnerabilities and services. In order to provide defined Service Level Agreements to our Information Technology customers we are required to maximize availability while maintaining confidentiality and integrity of corporate data assets. As we adapt new enabling technologies for our customers' growing business requirements a high level of internal security must be maintained. A critical but frequently glossed over part of security practice is Change Control (CC). This is the process of implementing change while controlling its environmental impacts. This paper covers the fundamentals of Change Control and Procedures as it applies to the management of Firewalls. Using careful process and planning it is possible to reduce risks associated with changes thereby minimizing the likelihood of detrimental impacts on business operations.