Rule Modification Field

Workflow Owner: This topic is intended for SecureChange workflow owners, who are responsible for creating and maintaining workflows.

Overview

The Rule Modification field is part of the Rule Modification workflow. This workflow is used for quick remediation actions for firewalls, and it enables assigned handlers to update firewall rules by adding or removing devices or services in the Source, Destination, and Service fields.

The objects that can be added or removed from a source/destination can contain single IP addresses, a range of IP addresses (subnets), groups, or user groups. The objects that can be added or removed from a service or service group can contain the following protocols: TCP, UDP, ICMP, or SCTP.

Firewall administrators can use the Rule Modification field to make specific small changes to rules in a ticket with access to:

  • Automation for provisioning and committing the changes
  • Change history documentation
  • Audits

The Rule Modification field receives rules from the SecureTrack Rule Viewer and lets you create a ticket in SecureChange for a handler to update firewall rules for supported devices. The workflow includes dynamic task assignment, the ability to configure skip step features, auto step, and APIs to submit and handle rule modification requests.

In a Rule Modification workflow, when multiple tasks are opened on the same step by Dynamic Assignment, no changes can be made to the rules or objects within the rules, and all tools (such as Designer and provisioning) are disabled for the handlers, even if the same handler is configured for all the tasks in the step.

The devices or services that are updated using this field can be new objects in the network or existing objects.

When you configure the Rule Modification field in a workflow step, the Field display name and Tooltip text are the same for every step that the field is added to. All other settings apply only to the current step.

General

  • Read-only: The handler of this step can view the contents but not edit values of the field.

  • Designer tool: Lets the handler of the step use the Designer tool, which gives you recommendations on how to change the rule base, provision the changes to the devices, or commit the rule updates. In the properties of the step, you can set the Designer to run as an auto step for supported devices and services. For the Rule Modification field, Designer recommends the specific rules that the requester asked to be updated.

  • In Step 1 of the workflow, the Designer tool can only be used to display the requested rule changes to the assigned handler. In subsequent steps, you can choose which Designer capabilities to enable.

    • Allow all: Allow all Designer capabilities supported by this workflow.

    • Allow design only: View the Designer recommendations for rule updates.

    • Allow update only: Provision the Designer recommendations by saving the policy updates to devices. (For devices where Provisioning is supported)

    • Allow commit only: Commit the rule updates from the management device onto associated child firewall devices. (For management devices where Committing Changes is supported)

    • Allow design and update only: Run both design and update processes on the step.

    • Allow update and commit only: Run both update and commit processes on the step.

What Can I Do Here?

Adding the Rule Modification field

The Rule Modification workflow includes approval steps, auto-steps, and related REST APIs, and is fully auditable. This procedure refers to the first step.

  1. Click Workflows and either:

    • Click New Workflow, and in the Workflow Properties window enter the name and workflow type you require (Rule modification).

    • Click an existing workflow (which contains the workflow type you require) and edit it.

  2. Click the first step in the workflow.

  3. Click Fields to see the fields for the selected step.

  4. Click Add field.

  5. In the field type, select Rule modification.

  6. Enter a Field display name and Tooltip text (optional) that will be shown in the request. These are the same for all steps that use the Rule Modification field.

  7. Select the options for the field:

    • Mandatory: The handler must enter the device or service information. This is the same for all steps that use the Rule Modification field.

    • Multiple: The handler can enter multiple devices or services for this field. This is the same for all steps that use the Rule Modification field.

    • Designer tool: The handler can view the requested changes. In Step 1 of the workflow, the handler can only view the requested changes. In subsequent steps, in which you enable the Designer tool, you can define the Designer options for the handler.

  8. Click OK.

If necessary, add the field to other steps in the workflow, and Save the workflow.