SmartWorkflow
Introduction
SmartWorkflow gives you the option to review and approve configuration changes made by other administrators before publishing them.
You can define which administrators must submit their changes for approval and which administrators are authorized to approve changes.
Streamlined policy change review, ensures accuracy of Security Policies through customizable built-in policy supervision workflows.
Goals
-
Demonstrate the capabilities of SmartWorkflow Approval cycle with 2 administrators (Submitter and Reviewer).
-
Demonstrate the capabilities of the new actions on R81.20 SmartTasks : send an email with a detailed change report after publishing a session, after policy installation, and more.
Demo Configuration
The Demo environment was preconfigured with the following permissions profiles , administrators and SmartTasks:
Permissions Profile
|
Permissions Profile Name |
Descriptions |
|---|---|
|
policy_approver |
Approve Policy changes |
|
policy_auto_approve |
Approve current local changes only |
|
policy_no_auto_approve |
Policy is submitted for approval |
Administrators
|
Administrator Name |
Administrator Password |
Administrator Email |
Profile |
|---|---|---|---|
|
t1_admin |
Cpwins1! |
t1admin@local.lab |
policy_no_auto_approve |
|
t2_admin |
Cpwins1! |
t2admin@local.lab |
policy_auto_approve |
|
t3_admin |
Cpwins1! |
t3admin@local.lab |
policy_approver |
SmartTasks
|
SmartTask Name |
SmartTask Description |
|---|---|
|
Send Email After Submit Changes |
Send Email from the submitter to the reviewer after submit changes |
|
Send Email After Approve Changes |
Send Email from the reviewer to the submitter after approve changes |
|
Send Email After Reject Changes |
Send Email from the reviewer to the submitter after reject changes |
Instructions
|
Step |
Instructions |
|---|---|
|
1 |
Login with t1_admin (Submitter) to SmartConsole : user name : t1_admin password : Cpwins1! |
|
2 |
Make some changes on the Access Policy Rule Base , e.g. : Add IMAP-SSL Service under Services & Applications on the following rule :
|
|
3 |
Click on Submit Request and Click Submit :
|
|
4 |
After Several seconds , SmartTask will be executed and will send email to the reviewer (t3_admin):
|
|
5 |
Logout from SmartConsole |
|
6 |
Open the Mail application from the taskbar and Move to the inbox of T3 Admin:
|
|
7 |
Login with t3_admin (Reviewer) to SmartConsole : user name : t3_admin password : Cpwins1! |
|
8 |
Navigate to Manage and Settings > Sessions and locate the Pending approval session of t1_admin :
|
|
9 |
Right Click on the session and select : Approve :
|
|
10 |
Click Approve to Publish this change :
|
|
11 |
After Several Seconds, SmartTask will execute and will send email to the submitter for the reviewer approval.
|
|
12 |
Open the Mail application from the taskbar and Move to the inbox of T1 Admin to review the approval email :
|
You can also repeat the above cycle with Reject decision of the reviewer (t3_admin).