View change requests

This topic describes the various procedures available to view change requests in FireFlow.

View open change requests

The Current Status of Open Change Requests list displays all of your change requests that have not yet been resolved, and allows you to track these change requests' statuses.

Click on the small arrow to the left of the text Current Status of Open Change Requests on the Home page of FireFlow to view a graphic representation of the number of open change requests in the each stage (status) of the change request workflow.

Click on the text Current Status of Open Change Requests on the Home page of FireFlow, to view a list of the open change requests to view the list of open change requests.

Note: Click a change request ID or subject to open the change request.

By default, statuses include the following:

plan

The change request has been assigned an owner and is in the Plan stage.

approve

The change request is in the Approve stage and being checked for security risks.

An information security user will decide whether to approve the change request, based on the check results.

create work order

The change request is now in the Implement stage, and the work order is being planned.

implement

The change request is now in the Implement stage, and the required change is being implemented.

validate

The change request is now in the Validate stage.

user accept

The change request is now in the Validate stage, and the requestor has been asked to verify implementation success.

user disapproved

The change request is now in the Validate stage, and the requestor has marked the change as not working, using the Change Doesn't Work button.

These statuses can be changed / customized by FireFlow administrators.

View change requests awaiting various actions

From the FireFlow Home page you can open lists of requests waiting for various types of actions.

Change requests to :

  • Approve

  • Plan

  • Review (Operational Review)

  • Create Work Order

  • Implement

  • Validate, etc.

For example:

Note: Click a change request ID or subject to open the change request.

By default, statuses include the following:

plan

The change request has been assigned an owner and is in the Plan stage.

approve

The change request is in the Approve stage and being checked for security risks.

An information security user will decide whether to approve the change request, based on the check results.

create work order

The change request is now in the Implement stage, and the work order is being planned.

implement

The change request is now in the Implement stage, and the required change is being implemented.

validate

The change request is now in the Validate stage.

user accept

The change request is now in the Validate stage, and the requestor has been asked to verify implementation success.

user disapproved

The change request is now in the Validate stage, and the requestor has marked the change as not working, using the Change Doesn't Work button.

For more details, see:

View change requests on your FireFlow home page

Your FireFlow Home page displays all of the recently updated change requests in the system, divided into lists according to their current lifecycle stage.

Note: By default, only lists that are relevant to your user role will appear in your Home page.

Tip: Customize this page For more details, see Customize the FireFlow Home page.

Do the following:

  1. In the main menu, click Home.

    The FireFlow Home Page is displayed.

  2. Click a change request list to expand it and display the list of items.

    Note: If the number of items in the list exceeds the configured maximum number of change requests to display per list, not all change requests in the change request list will be displayed.

    In such cases, click the heading to view all items. A page listing the relevant change requests is displayed.

  3. To sort the list according to a column, click the column heading.

    To reverse the sort order, click the column heading again.

View individual change requests

View a change request's details, including the change request's current lifecycle stage and basic information about the change request, such as the requestor, owner, original request details, and internal and external links. Additional information is provided depending on the change request's current lifecycle stage.

Do the following:

  1. Browse to or search for a change request, and click the ID or subject to open it.

    For details, see View change requests on your FireFlow home page and Search for change requests.

    The change request is displayed.

    This page displays the following details:

    Change request title and ID View these at the top of the page.
    Change request lifecycle status bar

    View this status bar just under the title and ID.

    The status bar maps the stages in the lifecylce from left to right.

    • The current stage appears in blue, completed stages appear in green, and future stages appear in grey.
    • An empty flag indicates that the request is new; a checkered flag indicates that the request is resolved.

    • Click a previous stage to display a read-only view of the request data for that stage.

    For more details, see Change request statuses.

    Relevant device or policy

    The device policy is displayed with the request's status, owner, and ID.

    For Palo Alto and Check Point policies, the View Policy link appears.

    For change requests that affect multiple devices or policies, each device appears in its own panel, and each panel contains all the information for the sub request. Clicking the panel reveals additional device information:

    • IP. The device's IP address.
    • Latest Report. The date of the device's latest AFA report, and a link to the report.
  2. To view change request information for a device, click next to the desired device.

    The change request information relevant to the device's stage is displayed below the device panel.

  3. To view detailed information about the change request, click Details.


    The Details area is displayed.

    For information about fields, see Details Fields (see Details Fields).

    Note: Click again on the Details button to close the Details section.

  4. To view specific change request information relevant to the change request type, click the button to the right of the Details button.

    For a traffic change request, this will be the Traffic button, for an object change request, this will be the Object button, for rule removal or modification request this will be the Rules button, and for a web filtering request, this will be the Web Filtering button.

    The relevant information is displayed.

  5. To view information about an AppViz application that is related to the change request, click Business Application Information. This includes the application diagram and the changes to the application flows which are being implemented with the change request. For details, see View business application details.

    Note: The Business Application Information button only appears for traffic change requests which were opened for the sake of an application in AppViz. The Business Application Information button is disabled for users who do not have the AppViz permissions required to view this information about this application.

  6. To view previously calculated information, do one of the following:

    View work order, risk check results, or validation results

    To view the work order, risk check results and/or validation results for a device, do the following:

    1. Click next to the desired device to display the device's change request information.

      Immediately below the device panel, a set of buttons appears that is relevant to the device's calculated information. These buttons may include Work Order, Risk Check Results and/or Validation Results.

      If the information has not been calculated, the button will be disabled.

    2. Click the desired button.

      A window appears with the calculated information for the desired device.

    View initial planning results

    To view a change request's initial planning results in PDF format, do the following:

    1. In the Change Request Lifecycle Status Bar, click Plan.

      The read-only view of the Plan tab appears.

    2. Click Initial Plan results.

      The initial plan PDF appears.

    Note: The Initial Plan results PDF will only appear for a change request once the Plan stage has been completed. The PDF file does not include the network map generated during Initial Planning.

    The Initial Plan results PDF may not appear, depending on your FireFlow configuration.

  7. To view information about the SLA, hover over .

    The SLA information appears. For more details, see SLA Information Fields.

    Note: If the SLA icon is orange, an active SLO is expired.

Details Fields

Each change request includes the following details. The items displayed for you may differ, depending on your user permissions.

View host vulnerabilities data

AlgoSec integrates with different industry leading vulnerabilities scanners. Admin users can take advantage of vulnerabilities and implications as part of the risk check in the traffic workflow approval stage.

For each host in the change request, a vulnerability score is displayed with a detailed breakdown of the risk statistics which make up the score.

If your vulnerabilities assessment scanner is not configured, see Manage vulnerability assessment scanners

View business application details

The Business Application Information button appears for traffic change requests which were opened for the sake of an application in AppViz.

Note: This button is disabled for users who do not have the AppViz permissions required to view this information about this application.

The application name is also a link to the application in AppViz. The Diagram tab displays the fully interactive application diagram.

Selecting the Changed Flow tab displays the changes to the application's flows which are being implemented with the change request.

SLA Information Fields

Active SLA

A list of currently active SLAs, including their names, due dates, and the amount of time elapsed so far.

Completed SLA

A list of completed SLAs, including their names, the amount of time it took to complete them, and their current status.

Devices SLA

Click any of the devices to display its SLA information.

This field only appears for change requests that affect multiple devices.

View change request histories

You can view a change request's history, including all comments and replies associated with the change request.

Do the following:

  1. View the change request. For details, see View individual change requests.
  2. Do one of the following:

    • Click to expand the History area. The history is displayed.
    • In the main menu on the left, click History under the change request number.

      The Change Request History appears displaying all comments and replies associated with this change request.

    For each comment/reply, the following information is displayed:

    • Brief header information, including the date and time at which the comment/reply was created, the name of the user who created it, and its subject line.

    • The full text of the comment/reply.

      Note: The full text will not appear if you limited the length of displayed messages. For information on configuring this setting, see Customizing General FireFlow Settings.

    • The size of the comment/reply in bytes.
  3. Click Full headers to display full header information for each comment/reply, at the top of the History area.
  4. Click Brief headers to display brief header information for each comment/reply, at the top of the History area.
  5. Click Download to view a comment/reply in plain text, next to the desired comment/reply.
  6. To view an automatically generated email sent by the FireFlow system, next to the desired "FireFlow_System - Outgoing email recorded" history item, click Show.

The email and its full header information appear in a new window.

Bookmark change requests

If you would like to keep track of a change request, you can bookmark it. The bookmarked change request will appear in your Home page's Bookmarked Change Requests list.

Do the following:

  1. View the change request. For details, see View individual change requests.
  2. In the top-right corner of the workspace, click the icon.

    The icon changes to .

You can now view the bookmarked change request in your Home page's Bookmarked Change Requests list. For details, see View change requests on your FireFlow home page.