This paper is from the SANS Institute Reading Room site. Reposting is not permitted without express written permission. Change Control Process for Firewalls Change is one of the inevitable facts of life we must deal with. Firewall objects and rulesets are constantly evolving in response to new threats, vulnerabilities and services. In order to provide defined Service Level Agreements to our Information Technology customers we are required to maximize availability while maintaining confidentiality and integrity of corporate data assets. As we adapt new enabling technologies for our customers ' growing business requirements a high level of internal security must be maintained... Copyright SANS Institut