Home > Forefront TMG 2010, Threat Management Gateway > Forefront TMG 2010 Configuration Change Description Survey

Forefront TMG 2010 Configuration Change Description Survey

December 19, 2011

When making changes to the Forefront TMG 2010 firewall, by default the administrator is prompted to enter a description of the configuration changes made before they are applied. For those TMG administrators that use this facility, what kind of information do you put in this change description box? A verbose explanation of changes made? Details about why the change was made? Your name, network ID, or initials? Is it helpful to provide reference to a help desk ticket or a change request?

Tell me how you use this feature and what kind of information you typically provide by commenting on this post. I’ll approve the most interesting and useful ones as they come in. Thanks in advance for participating!

Categories: Forefront TMG 2010, Threat Management Gateway Tags: , , , , ,
  1. Etienne Liebetrau
    December 19, 2011 at 1:51 pm

    From a PCI compliance perspective we have to be able to reference all firewall changes to a change request. Since the data logged is quite detailed including the person making the changes the only real bit that is missing is the request number.

    On a side note, it pays to spend some time to learn how to read an interpret the log before something goes wrong and then you start looking for answers

  2. Jason Jones
    December 20, 2011 at 12:21 am

    Hey Rich,

    A lot of detail is already recorded in the change log already, so with some customers we just use this to record the Change Number or Change Reference. This way a change number can be tracked back to the actual TMG changes.

    Sometimes it is also useful for a real world comments like “Added URL filtering exception to keep CIO happy” 🙂

    Cheers

    JJ

  3. Petar Petrov
    December 20, 2011 at 12:22 am

    Usually a reference to a help desk ticket, explaining what is the change, who requested it and who approved it.

  4. Richard Knight
    December 20, 2011 at 3:36 am

    As a consultant I try to always use change number, my company name and initials if i am using a generic login detail. So to prove to the customer what changes I have made.

  5. Chris O'Callaghan
    December 20, 2011 at 7:35 am

    RFC Number (logged on our incident / change management system) the change title and implementing engineer.

  6. Ahmet Abdagic
    December 21, 2011 at 12:47 am

    When i make some change to the old ISA or now TMG 2010, always i use this feature. Which Admin use server, who make a changes, time and date, by whose order (CIO, CEO, etc.) is done, the work order number

  7. Naresh Man Maharjan
    December 31, 2011 at 11:00 am

    This Change Tracking feature continues from ISA Server 2006 SP1 to TMG 2010. This feature is very powerful features because of the following reasons:

    1. It automatically export the entire TMG configuration before we apply the new policy. So it will help us to revert back to previous configuration if we get any problem after applying the new policies.
    2. Second it helps to track the TMG administrator so that who will change or modify or delete the firewall policy at what time and date. Change Tracking will display the Time, User and Change summary. This is mainly for the TMG administrator for the tracking firewall rule modification by who the users at what time for which reasons.

  8. Jonathan Works
    January 27, 2012 at 10:14 am

    I always provide a high-level reason a change was made along with a reference to a ticket number from our helpdesk system. This allows us to go back and audit changes with more granular detail tracked by our ticketing/change control system.

  1. No trackbacks yet.
Comments are closed.