Physical access to firewall

Discussions about Internet service providers (ISPs), the Meetinghouse Firewall, wired and wireless networking, usage, management, and support of Meetinghouse Internet
egridley
New Member
Posts: 2
Joined: Thu Nov 20, 2014 1:32 pm

Physical access to firewall

Postby egridley » Thu Nov 20, 2014 1:37 pm

Just a question about physical access to the firewall. Obviously, we don't want it in a location where lots of people have access to. However, in our stake, the firewall in all 3 of the buildings is in a mechanical closet that I, as the STS, don't have a key to.

The only reason this even came up is because of the firewall upgrade that is currently available. I need to ensure that nothing is connected to port 2 on the firewall. I am having to track down bishopric members, clerks, etc. just to get physical access to the firewall.

Is this something that I should request physical access to?

russellhltn
Community Administrator
Posts: 20763
Joined: Sat Jan 20, 2007 2:53 pm
Location: U.S.

Re: Physical access to firewall

Postby russellhltn » Thu Nov 20, 2014 1:56 pm

I would.
Have you searched the Wiki?
Try using a Google search by adding "site:tech.lds.org/wiki" to the search criteria.

User avatar
aebrown
Community Administrator
Posts: 14693
Joined: Tue Nov 27, 2007 8:48 pm
Location: Sandy, Utah

Re: Physical access to firewall

Postby aebrown » Thu Nov 20, 2014 2:02 pm

egridley wrote:...in our stake, the firewall in all 3 of the buildings is in a mechanical closet that I, as the STS, don't have a key to.
...
I am having to track down bishopric members, clerks, etc. just to get physical access to the firewall.

Is this something that I should request physical access to?

I would say that you absolutely need physical access to the firewall. You need to be able to reset the firewall on occasion (usually this can be done remotely via Technology Manager, but not always), and you need to adjust cabling and do other tasks that require access. But of course, that decision would be made by the stake president, perhaps in consultation with the FM group and/or PFR.

When I was STS, I was given master keys to the facilities. I needed to go to demarc rooms, mechanical closets, clerks' offices, family history centers, and even bishops' offices in order to fulfill my calling. The way the FM group distributes keys in our stake, I was often the only one (besides the stake presidency and stake clerk and PFR) who could even get into mechanical closets -- bishopric counselors could not.

aclawson
Senior Member
Posts: 712
Joined: Fri Jan 19, 2007 6:28 pm
Location: Commerce Twp, MI

Re: Physical access to firewall

Postby aclawson » Sun Nov 23, 2014 9:09 am

There exists a stake master key that will open every door that exists. Your stake president can authorize you to get a copy from FM.

User avatar
Mikerowaved
Community Moderators
Posts: 3132
Joined: Sun Dec 23, 2007 12:56 am
Location: Layton, UT

Re: Physical access to firewall

Postby Mikerowaved » Mon Nov 24, 2014 12:19 am

aclawson wrote:There exists a stake master key that will open every door that exists. Your stake president can authorize you to get a copy from FM.

My SP didn't feel (and I agree with him) that I needed full access to all the bishop and SP offices, so I have a pretty full key ring that gets me into all the buildings, clerk's offices, and firewall locations. It's not as convenient as a master key, but it allows me access to everywhere I need to be to fulfill my calling as STS.
So we can better help you, please edit your Profile to include your general location.

aclawson
Senior Member
Posts: 712
Joined: Fri Jan 19, 2007 6:28 pm
Location: Commerce Twp, MI

Re: Physical access to firewall

Postby aclawson » Sun Nov 30, 2014 10:22 am

In our stake the FM group is in the process of changing all of the locks on the network cabinets to a single key to make it easier for the STS to get into the equipment.

natet
New Member
Posts: 49
Joined: Fri Oct 24, 2008 4:09 pm
Location: Richland, Washington, USA

Re: Physical access to firewall

Postby natet » Fri Jan 09, 2015 12:35 am

mikerowaved wrote:My SP didn't feel (and I agree with him) that I needed full access to all the bishop and SP offices, ...


I have found having access to the offices to be a rarely used, but valuable resource in my calling. I have used that access to test wireless signals in the Bishop and Stake Presidents offices when we installed WAP's, since one of the use cases for wireless in the building is during council meetings. In addition, our FM is understaffed, so I'm usually the person who is onsite when vendors such as the phone company come to service our lines, so I've needed access so I could test the phones in the offices.

drepouille
Senior Member
Posts: 1229
Joined: Sun Jul 01, 2007 5:06 pm
Location: Plattsmouth, NE
Contact:

Re: Physical access to firewall

Postby drepouille » Fri Jan 09, 2015 6:34 am

I have a master key to all exterior doors, but I only have access to about half of the clerks offices and FHCs, as well as the firewalls. In a few of our meetinghouses, the FM decided to put the firewall in the clerk's office, with the switch and power injectors strapped under the desk. I told the FM that this violates the policy that states that if a firewall is in a clerical office, it must be inside a locked cabinet. He's still pondering that one.

Last Friday, I noticed I could not see a WAP through TM. So I drove to the meetinghouse to find that the WAP was off. I found the power injector in the clerk's office, and it was off as well. The FM had mounted the power injector under the desk so the power plug was hanging out of the bottom of it. Gravity, vibrations, and feet under the desk had caused the plug to work its way out of a secure connection to the power injector.
Dana Repouille, Plattsmouth, Nebraska

rknelson
Member
Posts: 79
Joined: Tue May 01, 2007 2:13 pm
Location: Oregon

Re: Physical access to firewall

Postby rknelson » Sun Jan 11, 2015 9:41 pm

I can't imagine being able to magnify my calling without full access to everywhere that has equipment I need to support including printers, copiers, TV's, computers, modems, firewalls, network patch panels, wireless, satellite, phones, etc. I have the same master key the Stake President has to allow access to all rooms including mechanical rooms in all buildings in the stake, and I use it regularly. I also have MLS login accounts on every MLS computer. Of course the decision is ultimately up to the Stake President, but in order for him to make an informed decision he needs to understand the full breadth of what a Stake Tech is called to do.


Return to “Meetinghouse Internet”

Who is online

Users browsing this forum: No registered users and 1 guest