It is another month… another week… another day of virtualization and automation discussions. One of the great moments was a discussion with a customer going over the items that they could automate in their data center. Oftentimes the customer wants to automate their firewall rules. They have a process for the requests and they have a process for implementing them. They have a process.
The debate I have is … “when was the last time you reviewed the process?”
When it comes down to it, the automation of your firewall rules on the Juniper firewall is the easy part. The hard part is understanding the workflow. Going through these meetings with the customers, oftentimes I have found that they do not have the right people in the room and they don’t *really* know the process. When I say the process, I mean every aspect of the process. For instance, are there policies specific to the user? If not, can you limit what IPs, VLANs, networks, and templates a user can access? If not, maybe you want to add it. Here is your opportunity to understand how the process works and whether there is a chance you can make it better.
Maybe you don’t want to do that though. Maybe your process is just right. The point is, there is a workflow, and more than likely that workflow has exceptions. Before you start scripting, make sure you understand the integrations that are necessary (for instance, some customers require cases to be open), all the tools that will be used, and that all the people have checked off. Be careful and figure it out, because I am always saying… “You can automate stupid”.