Add and edit request templates

This topic describes how to add new request templates to FireFlow, from scratch or based on an existing template, as well as how to edit existing templates.

Add IPv4 traffic, multicast, or multiple-device templates

This procedure describes how to add a new IPv4 traffic, multicast or multiple-device object change request template from scratch.

Note: For other types, see Add other types of request templates.

Do the following:

  1. In the main menu, click Request Templates.

    The Request Templates page appears with a list of templates.

  2. Click New Request Template.

    The Create New Request Template dialog is displayed.

  3. Select the request type for the template using the following information:

    • Select Traffic Change for a template that includes IPv4 traffic fields.
    • Select Object Change-single device for a template that includes object fields for a single device.
    • Select Generic Change for a template that does not involve any of the above.
    • Select Rule Removal for a template that involves device rule removal/disablement.
    • Select Rule Modification for a template that involves device rule modification.
    • Select Traffic Change IPv6 for a template that involves IPv6 traffic changes.
    • Select Web Filter Change for a template that involves filtering Web connections for Symantec Blue CoatClosed As of A32.20 AlgoSec will no longer support adding new Symantec Blue Coat devices. Existing deployed Blue Coat devices will still be functional. devices.
    • Select Object Change-multi device for a template that includes object fields for multiple devices.
    • Select Traffic Change Multicast for a template that involves multicast traffic changes in Cisco devices.

    Click OK.

    The Create a New Request Template page appears for the specified template type.

  4. Complete the template fields as needed.

    Any values you enter in the template will appear in all change request forms based on the template.

    For more details, see:

  5. Click Save template.

The new template is created.

Add other types of request templates

This procedure describes how to add request templates for types other than IPv4 traffic, multicast, or multiple-device change requests.

Do the following:

  1. In the main menu, click Request Templates.

    The Request Templates page appears with a list of templates.

  2. Click New Request Template.

    The Create New Request Template dialog is displayed.

  3. Select the request type for the template, using the following information:

    • Select Traffic Change for a template that includes IPv4 traffic fields.
    • Select Object Change-single device for a template that includes object fields for a single device.
    • Select Generic Change for a template that does not involve any of the above.
    • Select Rule Removal for a template that involves device rule removal/disablement.
    • Select Rule Modification for a template that involves device rule modification.
    • Select Traffic Change IPv6 for a template that involves IPv6 traffic changes.
    • Select Web Filter Change for a template that involves filtering Web connections for Symantec Blue CoatClosed As of A32.20 AlgoSec will no longer support adding new Symantec Blue Coat devices. Existing deployed Blue Coat devices will still be functional. devices.
    • Select Object Change-multi device for a template that includes object fields for multiple devices.
    • Select Traffic Change Multicast for a template that involves multicast traffic changes in Cisco devices.
  4. Click OK.

    The Create a New Request Template page appears for the specified template type.

    By default, the new template is disabled.

  5. To enable template after creation, click Template disabled. The Template enabled button appears.

  6. In the Request Template Name box, type a unique name for the new template.

  7. In the Description box, type a description for the template.

  8. In the Workflow list, select a workflow for the template.

  9. In the General section, complete the fields as needed for your template.

    For details, see:

    Any values you enter in the template will appear in all change request forms based on the template.

  10. To customize the position of the fields in the template, see
  11. Click Save template.

The new template is created.

Add request templates based on an existing template

This procedure describes how to add a new request template based on an existing template.

Do the following:

  1. In the main menu, click Request Templates.

    The Request Templates page appears.

  2. Do one of the following:

    • For IPv4 traffic, multicast, and multi device object change request templates, hover your mouse over the name of the template, and click .

      The Create a New Change Request page appears.

    • For all other templates, click on the name of the template on which you want to base the new template.

      The Modify Request Template page appears, displaying the selected template's settings.

    Note: Depending on the template, the Web Interface may look different.

  3. Modify your fields as needed. For details, see:

    Any values you enter in the template will appear in all request forms based on the template.

  4. Do one of the following:

    • For IPv4 traffic or multicast request templates, click Save template.
    • For all other templates, click Save As, and enter a new name for the template.

      Click OK when you're done.

The new template is created.

Edit request templates

Do the following:

  1. In the main menu, click Request Templates.

    The Request Templates page appears, displaying a list of existing templates.

  2. Click on the desired template's name.

    The request template's page appears.

  3. Modify the fields as needed. For details, see:

    Any values you enter in the template will appear in all request forms based on that template.

  4. Click Save template.

Delete request templates

You can delete any template, including built-in templates.

Do the following:

  1. In the main menu, click Request Templates.

    The Request Templates page appears with a list of existing templates.

  2. Hover over the desired template's name with the mouse.

  3. To delete, click the icon on the right.

    A confirmation message appears.

  4. Click OK.

The template is deleted.

Traffic change, multicast, and multi-device object template fields

In this field...

Do this...

Template disabled

To enable the template, click the widget at the top of the form. The widget turns green () and the label switches to Enabled.

Disabled templates will not appear as an option in the Create a New Change Request page.

Request Template Name

Type a name for the template.

Description

Type a description of the template.

Workflow

Select the workflow to assign change requests based on this template.

For more details, see Request templates and workflows.

Type some instructions for this request form (will be visible to everyone)

See Add custom instructions to IPv4, multicast, and multi-device object change templates.

To collapse or expand all sections, click the relevant link.

General

 

Type some instructions for this section (will be visible to everyone)

See Add custom instructions to IPv4, multicast, and multi-device object change templates.

+Add new field to section

To add a pre-defined custom field to the template, click this link and select the field in the drop-down menu.

To add a new custom field to the template, or to customize the position of the fields, see Modify fields for IPv4 traffic and multicast request templates.

Traffic

Note: This section is not relevant to multi device object change request templates. These request templates have object fields, and the Web Interface does no support customizing these object fields.

Type some instructions for this section (will be visible to everyone)

See Add custom instructions to IPv4, multicast, and multi-device object change templates.

+ Add or remove traffic fields

Click this link to select traffic fields which should appear for the request template. This includes generic traffic fields (which appear as an additional field in the traffic area) or traffic fields related to an existing traffic field, such as Source, Destination, Service, User or Application.

A dialog box opens. Select a field and click Save.

To add a new traffic field, click + New Traffic field. See New Field for Change Request Fields.

More

 

Type some instructions for this section (will be visible to everyone)

See Add custom instructions to IPv4, multicast, and multi-device object change templates.

+Add new field to section

To add a pre-defined custom field to the template, click this link and select the field in the drop-down menu.

To add a new custom field to the template, or to customize the position of the fields, see Modify fields for IPv4 traffic and multicast request templates.

+ New Section

To add a new section, click this link. For more information, see Modify fields for IPv4 traffic and multicast request templates.

Hidden Fields

Note: Fields added to the Hidden Fields section will not appear in the request form. They are only for internal use. You can drag fields into and out of this section, like all other sections.

+Add new field to section

To add a pre-defined custom field to the template, click this link and select the field in the drop-down menu.

To add a new custom field to the template, or to customize the position of the fields, see Modify fields for IPv4 traffic and multicast request templates.

Object change template fields

In this field...

Do this...

Template Name

Type a name for the template.

Description

Type a description of the template.

Template enabled

Check this box to enable the template. Disabled templates will not appear as an option in the Create a New Change Request page.

Request Type

Choose Object Change.

Workflow

Select Change-Object.

For more details, see Request templates and workflows.

Customize Fields

Click this button to add/remove fields, reorder fields, or reposition fields in the template. See Modify fields in request templates.

Queue

Select the desired queue.

Subject

Type a title for the change request that will be generated.

This field is optional.

Priority

Type a number indicating this request's priority, where 0 indicates lowest priority.

This field is optional. The default value is 0.

Device Name

Select the device on which the change should be made. For details, see Change request wizards.

The Request area and its fields are enabled.

This field is optional.

Action

Choose the desired request action.

For non-Check Point devices, the following options are available:

  • Add IPs to Object: Add IP addresses to a host group object on the selected device.
  • Remove IPs from Object: Remove IP addresses from a host group object on the selected device.
  • New Object: Add a host group object to the selected device.
  • Delete Object: Remove a host group object from the selected device.

For Check Point devices, the following options are available:

  • Add Values to: Add values to a host group object on the selected device.
  • Remove Values from Group: Remove values from a host group object on the selected device.
  • New: Add an object to the selected device.
  • Edit: Modify an object on  the selected device.
  • Delete: Remove an object from the selected device.

When using the New, Edit, and Delete actions, you must select the object type. This can be any of the following:

  • Host: An object with a single IP address.
  • Group: An object containing other objects, as well as sub-groups.
  • Range: An object with an IP address range.
  • Network: An object containing a network mask.

Object Name

Do one of the following:

This field is optional.

Show

For non-Check Point devices, click this button to translate the object name into an IP address(es).

For Check Point devices, click this button to do the following:

  • If the object is a host, click this button to translate the object name into an IP address.
  • If the object is a network, click this button to translate the CIDR/netmask content into an IP address range.
  • If the object is an IP address range, click this button to display the IP address range.
  • If the object is a group, click this button to display a list of objects in the group. All objects that are groups themselves can be expanded by clicking the + icon.

Values To Add / Values To Remove

Do one of the following:

  • Type the relevant IP address.
  • Use the Add IPs or Remove IPs wizard. For details, see Change request wizards.

This field is optional.

Scope

Select the relevant scope.

For Check Point devices, Local is automatically selected for a CMA and Global is automatically selected for MDSM.

This field is optional.

Change More Objects

To add more object changes, click this option and complete the fields.

To remove additional object changes from the request, click this option next to the desired object change.

Create change requests from file

Click Yes to enable creating a change request from an attached spreadsheet file.

For more details, see Request changes.

External change request id

If a relevant change request has already been opened for this request in an external change management system that is integrated with FireFlow, type the change request's ID number.

The FireFlow change request will be linked to the external system change request.

This field is optional.

Describe the issue

Type a free text description of the issue.

This description will be added to the change request history.

This field is optional.

Generic change template fields

In this field...

Do this...

Template Name

Type a name for the template.

Description

Type a description of the template.

Template enabled

Check this box to enable the template. Disabled templates will not appear as an option in the create a new change request page.

Request Type

Choose Generic Change.

Workflow

Select Generic.

For more details, see Request templates and workflows.

Customize Fields

Click this button to add/remove fields, reorder fields, or reposition fields in the template. See Modify fields in request templates.

Queue

Select the desired queue.

Subject

Type a title for the change request that will be generated.

This field is optional.

Priority

Type a number indicating this request's priority, where 0 indicates lowest priority.

This field is optional. The default value is 0.

Create change requests from file

Click Yes to enable creating a change request from an attached spreadsheet file.

For more details, see Request changes.

External change request id

If a relevant change request has already been opened for this request in an external change management system that is integrated with FireFlow, type the change request's ID number.

The FireFlow change request will be linked to the external system change request.

This field is optional.

Describe the issue

Type a free text description of the issue.

This description will be added to the change request history.

This field is optional.

Rule removal template fields

In this field...

Do this...

Template Name

Type a name for the template.

Description

Type a description of the template.

Template enabled

Check this box to enable the template. Disabled templates will not appear as an option in the Create a New Change Request page.

Request Type

Choose Rule Removal.

Workflow

Select Rule-Removal.

For more details, see Request templates and workflows.

Customize Fields

Click this button to add/remove fields, reorder fields, or reposition fields in the template. For details, see Modify fields in request templates.

Queue

Select the desired queue.

Owner

Select the owner.

Requestor

Type the name of the requestor.

Subject

Type a title for the change request that will be generated.

This field is optional.

Due

Click the calendar icon and select the due date.

Expires

Click the calendar icon and select the expiration date.

Priority

Type a number indicating this request's priority, where 0 indicates lowest priority.

This field is optional. The default value is 0.

Device Name

Select the device on which the change should be made. For details, see Change request wizards.

This field is optional.

Rule to remove

Click Select Rules to open the list of rules for the device. For each rule to remove, select the rule and click Select.

Requested action

Choose the action to perform on rules. This can be either of the following:

  • Disable rule: Disable the rule.
  • Remove rule: Remove the rule from the device.

Create change requests from file

Click Yes to enable creating a change request from an attached spreadsheet file.

For more details, see Request changes.

External change request id

If a relevant change request has already been opened for this request in an external change management system that is integrated with FireFlow, type the change request's ID number.

The FireFlow change request will be linked to the external system change request.

This field is optional.

From Template

 

Describe the issue

Type a free text description of the issue.

This description will be added to the change request history.

This field is optional.

Rule modification template fields

In this field...

Do this...

Template Name

Type a name for the template.

Description

Type a description of the template.

Template enabled

Check this box to enable the template. Disabled templates will not appear as an option in the Create a New Change Request page.

Request Type

Choose Rule Modification.

Workflow

Select Rule-Modification.

For more details, see Request templates and workflows.

Customize Fields

Click this button to add/remove fields, reorder fields, or reposition fields in the template. For details, see Modify fields in request templates.

Queue

Select the desired queue.

This field is optional.

Subject

Type a title for the change request that will be generated.

This field is optional.

Priority

Type a number indicating this request's priority, where 0 indicates lowest priority.

This field is optional. The default value is 0.

Device Name

Select the device on which the change should be made. For details, see Change request wizards.

This field is optional.

Create change requests from file

Click Yes to enable creating a change request from an attached spreadsheet file.

For details, see Request changes.

External change request id

If a relevant change request has already been opened for this request in an external change management system that is integrated with FireFlow, type the change request's ID number.

The FireFlow change request will be linked to the external system change request.

This field is optional.

Describe the issue

Type a free text description of the issue.

This description will be added to the change request history.

This field is optional.

Traffic change IPv6 template fields

In this field...

Do this...

Template Name

Type a name for the template.

Description

Type a description of the template.

Template enabled

Check this box to enable the template. Disabled templates will not appear as an option in the Create a New Change Request page.

Request Type

Choose Traffic Change IPv6.

Workflow

Select IPv6-Traffic.

For more details, see Request templates and workflows.

Customize Fields

Click this button to add/remove fields, reorder fields, or reposition fields in the template. For details, see Modify fields in request templates.

Queue

Select the desired queue.

This field is optional.

Subject

Type a title for the change request that will be generated.

This field is optional.

Priority

Type a number indicating this request's priority, where 0 indicates lowest priority.

This field is optional. The default value is 0.

Source

Do one of the following:

  • Type the IP address, IP range, network, or device object
  • Use the Choose Source wizard. For details, see Change request wizards.

This field is optional.

Destination

Do one of the following:

  • Type the IP address, IP range, network, or device object.
  • Use the Choose Destination wizard. For details, see Change request wizards.

This field is optional.

Service

Do one of the following:

  • Type the device service or port for the connection (for example "http" or "tcp/123").
  • Use the Choose Service Wizard. For details, see Change request wizards.

This field is optional.

Action

Choose the device action to perform for the connection. This can be either of the following:

  • Allow: Allow the connection.
  • Drop: Block the connection.

This field is optional.

NAT settings

Click this option to display Network Address Translation (NAT) and Port Address Translation (PAT) for the defined traffic.

The Source NAT, Destination NAT, Port Translation, and NAT Type fields appear.

Depending on system customizations, the Source after NAT, Destination after NAT, and Port after Translation fields may appear as well.

Click NAT settings again to hide the NAT fields.

Source NAT

Type the source NAT value, if the connection’s source should be translated.

Note: If the Source after NAT field appears below this field, then you must type the source NAT value before translation.

This field is optional.

Source after NAT

Type the source NAT value after translation, if the connection’s source should be translated.

This field is optional.

Destination NAT

Type the destination NAT value, if the connection’s destination should be translated.

Note: If the Destination after NAT field appears below this field, then you must type the destination NAT value before translation.

This field is optional.

Destination after NAT

Type the destination NAT value after translation, if the connection’s destination should be translated.

This field is optional.

Port Translation

Type the port value, if the connection’s port should be translated.

Note: If the Port after Translation field appears below this field, then you must type the port value before translation.

This field is optional.

Port after Translation

Type the port value after translation, if the connection’s port should be translated.

This field is optional.

NAT Type

Specify the type of NAT (Static or Dynamic).

Note: If you filled in the Source NAT, Destination NAT, and/or Port Translation fields, then you must specify the NAT type.

This field is optional.

Add More Traffic

To add more traffic to the request, click this option and complete the fields.

To remove additional traffic from the request, click this option next to the desired traffic.

Create change requests from file

Click Yes to enable creating a change request from an attached spreadsheet file.

For more details, see Request changes.

External change request id

If a relevant change request has already been opened for this request in an external change management system that is integrated with FireFlow, type the change request's ID number.

The FireFlow change request will be linked to the external system change request.

This field is optional.

Device Name

Select the device on which the change should be made. For more details, see Change request wizards.

This field is optional.

Describe the issue

Type a free text description of the issue.

This description will be added to the change request history.

This field is optional.

Web filter change template fields

In this field...

Do this...

Template Name

Type a name for the template.

Description

Type a description of the template.

Template enabled

Check this box to enable the template. Disabled templates will not appear as an option in the Create a New Change Request page.

Request Type

Choose Web Filter Change.

Workflow

Select Web-Filter.

For more details, see Request templates and workflows.

Customize Fields

Click this button to add/remove fields, reorder fields, or reposition fields in the template. For details, see Modify fields in request templates.

Queue

Select the desired queue.

Subject

Type a title for the change request that will be generated.

This field is optional.

Priority

Type a number indicating this request's priority, where 0 indicates lowest priority.

This field is optional. The default value is 0.

User Group

Do one of the following:

  • Type the name of the user or user group that should be allowed/denied access to a URL.
  • Use the Choose User Group wizard. For details, see Change request wizards.

URL

Type the URL to which to allow/deny access.

Category

Do one of the following:

Action

Select the device action to perform for the connection. This can be any of the following:

  • Allow: Allow the connection.
  • Block: Block the connection.

Add More Web Filtering

To add more connections to the request, click this option and complete the fields.

To remove additional traffic from the request, click this option next to the desired traffic.

Create change requests from file

Click Yes to enable creating a change request from an attached spreadsheet file.

For details, see Request changes.

External change request id

If a relevant change request has already been opened for this request in an external change management system that is integrated with FireFlow, type the change request's ID number.

The FireFlow change request will be linked to the external system change request.

This field is optional.

Describe the issue

Type a free text description of the issue.

This description will be added to the change request history.

This field is optional.