
Firewall Change Requests

Aaron D Borden edited this page Apr 9, 2019 · 9 revisions

Refer to our firewall rules request form for an overview.

  1. Go to https://servicedesk.gsa.gov
  2. Go to Order Something
  3. Select Firewall Change Request (FCR)

Firewall Change Request (FCR) Form

The FCR has approval workflows built in, which include a supervisor as well as an ISSO contact who will need to approve the ticket.

Understanding Firewall Tiers

APP --> APP and WEB --> APP are terminology used to represent the tiers. Usually (there are rare exceptions) there are 3 tiers: WEB, APP, and DB. The flow of access is usually (again, there are rare exceptions) from WEB --> APP --> DB, as well as laterally from WEB --> WEB, APP --> APP, and DB --> DB. So, essentially, WEB can make a connection to WEB or APP, APP can make a connection to APP or DB, and DB can only make a connection to DB. WEB typically doesn't talk directly to DB (it has to go to APP first) and traffic can't flow backward (i.e. APP cannot make a connection to WEB, nor can DB make a connection to APP or WEB).

Example

For example, tcp/8983 is not part of the WEB --> APP rules, so the FCR would look like:

SOURCE: 10.xxx.x.xxx, 10.xxx.x.xxx, 10.xxx.x.xx
DESTINATION: 10.xxx.x.xxx
SERVICE: tcp/8983
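
A pre-submission check for the tier model above, as an added example that is not part of the original wiki: it parses an FCR in the SOURCE / DESTINATION / SERVICE format and flags source and destination pairs that run backward or skip a tier. The subnets, addresses, function names and verdict labels are assumptions made for illustration, and the verdict covers direction only, not whether the port is already in the tier rules.

```python
import ipaddress

# Constructed tier subnets (assumption: the page masks its real addresses).
# Dict order is the forward direction of flow: WEB --> APP --> DB.
TIER_NETS = {
    "WEB": ipaddress.ip_network("10.0.1.0/24"),
    "APP": ipaddress.ip_network("10.0.2.0/24"),
    "DB": ipaddress.ip_network("10.0.3.0/24"),
}
ORDER = list(TIER_NETS)

def tier_of(ip):
    """Return the tier whose subnet contains ip, or None if it is in none."""
    addr = ipaddress.ip_address(ip)
    return next((t for t, net in TIER_NETS.items() if addr in net), None)

def parse_fcr(text):
    """Parse SOURCE / DESTINATION / SERVICE lines into a dict of lists."""
    fields = {}
    for line in text.strip().splitlines():
        key, _, value = line.partition(":")
        fields[key.strip().upper()] = [v.strip() for v in value.split(",") if v.strip()]
    return fields

def classify(src_tier, dst_tier):
    """Classify one flow against the tier model described above."""
    if src_tier is None or dst_tier is None:
        return "unknown-tier"
    step = ORDER.index(dst_tier) - ORDER.index(src_tier)
    if step in (0, 1):
        return "direction-ok"  # lateral, or one tier forward
    return "skips-tier" if step > 1 else "backward"

def review_fcr(text):
    """Return (source, destination, service, verdict) for each pair in the FCR."""
    fcr = parse_fcr(text)
    return [
        (s, d, svc, classify(tier_of(s), tier_of(d)))
        for s in fcr.get("SOURCE", [])
        for d in fcr.get("DESTINATION", [])
        for svc in fcr.get("SERVICE", [])
    ]

# Constructed sample in the page's FCR format: two WEB hosts, one DB host.
SAMPLE = """
SOURCE: 10.0.1.10, 10.0.1.11, 10.0.3.5
DESTINATION: 10.0.2.20
SERVICE: tcp/8983
"""
```

Calling `review_fcr(SAMPLE)` marks the two WEB sources as `direction-ok` and the DB source as `backward`, which is the kind of entry to split out or justify before the ticket goes to the approvers.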