Skip to content

Adding Service Requests

The platform allows a user with the required permissions to request access to a service provided by an asset. Following their request, the software enables access to the requested service on the asset for the duration of the requested time range for the requested sources in addition to the rules managed by the segmentation policies. After the expiration of the requested time range, the software removes the user's requested access by removing the necessary rules from the endpoint.

As an example, imagine that the RDP or MS SQL service port is restricted on your Production database server; however an engineer needs temporary access to gather log files or push an update to production. Rather than modifying the Segmentation policy that manages this Production Database server, the user themselves can make a simple access request to this server, on the required service, coming from their host for a specific amount of time. Then when their requested time expires, the software will automatically remove this temporary service access and return the Production Database to its segmented state without requiring additional user interaction.

Create a Service Request

Service Requests are created from an Asset in the Asset Database where the user would like to have temporary access via a specified service. To create a Service Request:

  1. Log in with an Administrator or Asset Manager account.
  2. From the Asset Database, locate the Asset to which the request will be provisioned to and either use the asset's Actions menu to select the Request Service option or from the Asset view page, select Manage > Request Service.
  3. On the Add Service Request page, populate all required fields as followed:
    • Service: is the requested service to open the access to. For example, RDP or MS SQL.
    • Source Asset: is the source asset to open the service for. A source asset might represent a single host, network device, network location or an IP list.
    • Request Start: the requested start date and time when the service access is to be granted.
    • Request End: the requested end date and time when the service access is to be removed.
  4. Click the Save button to complete this operation.

Add Service Request

After the new Service Request is saved, a background job will process the request at the requested start time. You can use the Service Requests report (Reports > Service Requests) to monitor and take action on submitted Service Requests. When the requested time expires, another background job will process the removal of this service.