The Information Security and Network Services teams will be upgrading the IS&T Data Center to improve security and sustainability.
Phase One of the firewall upgrade, which took place during the Summer of 2022, replaced the existing Cisco equipment with Palo Alto firewalls. Phase Two will provide expanded coverage and enhanced level of security for all applications resident in the Data Center.
The network refresh, expected to begin in October 2022, will be replacing older Cisco networking equipment to ensure ongoing vendor support.
Both initiatives are being coordinated to minimize the impact to Data Center clients throughout the activities.
Project Timeline - Network Refresh
Data Center Firewall Upgrade to Palo Alto
- Phase One – Completed 8/9/2022
- Phase Two – To be determined
FAQs
How will the Data Center Firewall project impact my service or application?
All firewall rules and configuration items will be copied from the existing Cisco platform to the new Palo Alto platform in advance of the scheduled migration date. During the change window of your scheduled conversion date, network routing will be changed to pointed to the new Palo Alto platform. Due to the nature of this change there will be a brief network outage which may impact connectivity.
How will I know if my service or application is working properly with the new Palo Alto firewall?
The project team will perform high level testing to validate rules are in place and traffic is passing as expected. As an application or service owner, you will need to develop test plans to execute both before (for baseline) and after migration to validate performance is as expected. After migration, should you note any anomalies with your service or application, please open a ticket with ITHelp@bu.edu
How will I know when my service or application is being migrated to the new Palo Alto firewall?
A schedule is being developed to prioritize the movement of all services and applications. We expect to migrate 3 to 4 VLANs/subnets per change window over an 8-week span using two change windows per week (total of 16 separate migration windows) with an expected start date of July 5th for the first production migration. Once finalized, the schedule will be published on the project TechWeb page, and a broadcast message sent to all IS&T. Specific service and application owners will be notified individually two to three weeks in advance so we can coordinate any other activities that may be planned. Although every effort is being made to identify impacted service and application owners, records may be incomplete therefore we recommend checking the posted schedule and reaching out to the project manager cherimaw@bu.edu if you do not receive an advance notice.
