...
- Document initial simple plan
- Set up (buy or make) some database to keep track of exceptions
- Communicate plan to relevant group computing coordinators
- Gather feedback and exception requests
- Acquire firewall capable of implementing this policy
- Set up automated system for feeding exceptions into firewall
- Finalize plan based on feedback
- Document plan in "policies and procedures"
- Announce plan to all users (via SLAC today?)
- Implement planpolicy
- Anticipate feedback from confused users
- Ongoing review of exceptions and formulation of longer term policy
Gliffy Diagram | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
|
Open questions
...
- Block incoming ssh by default?
- Leave incoming UDP open by default?
- How to communicate to computing coordinators?
- IPV6 support?
...
- Who is going to do the work?