Whenever you have to implement a new firewall policy or you need to change a current firewall policy, an important step in the process of implementing the firewall change is to schedule an appropriate time for configuring the firewall and committing the change.
Why is it important to schedule the policy?
- The change may impact the traffic flow; if connections are dropped some services will be affected.
- If such services are critical, then the business’ operations will be affected too.
- To minimize any (side) effects of the firewall change; the impact of a wrong change during peak business/working hours is greater than the impact of a wrong change during non-working hours.
- To notify the customers; the customers may be affected by the change, e.g. if a short downtime is necessary.
- The staff members that implement and monitor the change will need to be present during non-working hours if the change is committed during such an interval.
Sometimes an immediate change is needed during business/working hours, for example as a response to an attack against a critical service. In this case, often best judgment is used to implement the change skipping the schedule.
Be prepared to notify any affected clients very quickly; communication is important to maintain trust.
Scheduling the change
Normally, unless pressed by some issues, you can schedule a firewall change by following a few simple rules:
- Schedule it during non-working hours.
- Notify the needed staff members to synchronize their work schedule.
- Notify in advanced any affected clients.
- If you use a form of auto-implementing the firewall change, verify that the time is synced correctly (e.g. Pacific Time).
Scheduling appropriately a firewall change (implement a new policy, modify or delete a policy) ensures that the change will go smoothly with minimum impact over the traffic flow.