SmartWorkflow Overview
Why is Change Management Important?
Managing network operations while accurately and efficiently implementing security policies is a complex process. Security and system administrators find it increasingly difficult to ensure that all security gateways, network components and other system settings are properly configured and conform to organization security policies.
As enterprises evolve and incorporate technological innovations, network and security environments have become increasingly complex and difficult to manage. Typically, teams of engineers and administrators are required to manage configuration settings, such as:
- Security Policies and the Rule Base
- Network Objects
- Network Services
- Resources
- Users, administrators, and groups
- VPN Communities
- Servers and OPSEC Applications
An effective enterprise security policy change management solution is also essential to ensure compliance with increasingly stringent corporate governance standards and regulatory reporting requirements.
Key Features
- Full-featured security policy change management solution integrated into the Security Management server and Multi-Domain Security Management.
- SmartWorkflow Sessions allow administrators to work with discrete sets of additions and modifications to the security and network environment. The use of sessions is optional.
- Comprehensive audit trail features allow users to track and analyze changes to the security and network environment:
- New and modified objects are highlighted in the SmartDashboard object tree and in the Rule Base.
- Session Information Windows display specific changes and provide justification for these actions.
- Audit logs provide detailed information regarding all changes and can be viewed using SmartView Tracker.
- The Security Policy Change Summary report summarizes changes made during the current session. It includes detailed before and after comparisons.
SmartWorkflow Environment
SmartWorkflow is in SmartDashboard and works with SmartView Tracker, SmartReporter, and other consoles. In a Multi-Domain Security Management environment, SmartWorkflow works with the global SmartDashboard and a Domain Management Server SmartDashboard.
To see SmartWorkflow Session Information:
Open the SmartWorkflow tab in the bottom pane of the Software Blade tab.
Alternatively, click the Launch Menu button on the main SmartDashboard toolbar > > .
Task Flow
SmartWorkflow is flexible, with options for session management and role segregation features. You configure if SmartWorkflow works with sessions only, sessions and roles, without sessions or roles.
Task Flow for Sessions and Role Segregation
Sessions and role segregation use the full change management functionality in SmartWorkflow.
Task
|
Administrator
|
SmartWorkflow Manager
|
1
|
Open new session
|
|
2
|
Configure SmartDashboard settings
|
|
3
|
Submit session for approval
|
|
4
|
|
Review session
|
5
|
|
Approve session or Request repair
|
6
|
If Approved: Install Policy
If Request repair: Change settings and submit for approval again
|
|
All sessions must be approved before you can install a policy.
Task Flow Sessions Without Role Segregation
You can configure SmartWorkflow to work with sessions, without requiring manager approval before policy install. Full tracking and auditing is available.
- The administrator opens a new session, and makes the changes.
- The administrator submits the session.
- SmartWorkflow automatically approves it.
- The administrator installs the policy.
Task Flow Without Sessions or Role Segregation
You can configure SmartWorkflow to work without explicit sessions and without Role Segregation. Using this option, SmartDashboard functions as if SmartWorkflow is not enabled, but an automatic session is in the background. SmartView Tracker and audit trail are still available.
- The administrator changes the security policy and network configuration settings in SmartDashboard.
- The administrator installs policies.
|
