Add, modify, or remove a firewall ruleset in the Border or Server Farm firewalls.
After change, check major web sites from cell phone using carrier data network to verify that ruleset is not corrupted
--Palo Alto Firewalls (Border)---
Connect to management IP address via https.
Login with a admin account.
Check if their are any pending changes by viewing the "commit" icon in the top right corner. It will be lit if there are, also you can hover mouse over the icon for the status.
If needed, under Device->Management you can 'revert to running-configuration' to clear the pending changes.
Add, modify, or delete existing rule. Take care to make sure it has a logical location in the order of operations (ie not after a deny all rule)
Once rules are in place, click commit button. You can preview the changes to make sure the only changes match what you did. The commit automatically creates a new version of the config no other steps needed. Test by generating traffic from off campus to a device behind the firewall. (ie VPN service or http to ITS website)
---Juniper Firewalls (Server Farm)---
Connect to Firewall cluster with NSM Software
backup current running config
add new rule in local NSM software
validate rules and check for errors
deploy rules via NSM
test from off campus
Check main web site functionality from off campus as well as the newly modified rule
revert to backed up rule via NSM software