In this video, we will review the server decommissioning workflow.

A typical scenario for this workflow is that servers become obsolete due to hardware replacement or network architecture changes. Unused servers, which are still defined in firewall policies, weaken the security posture and increase maintenance complexity.

Luckily, you can leverage the server decommissioning workflow to identify unused servers and assess the impact of their removal and remove unused servers from firewall policies. Let’s see how.

Start off by opening a new change request in Tufin SecureChange.

Select the server decommissioning workflow.

Now enter request subject.

Enter the IP addresses of the servers that should be decommissioned.

Now submit the ticket, run impact analysis to identify the affected devices and policies.

The impact analysis tool displays a list of affected devices for each device.

You can view the affected rules.

Use designer to design the change.

View policy change recommendation.

Click vendor name to review relevant recommendations.

Click view rule to review change details.

Now click update devices to provision, the changes automatically to summarize using the server decommission workflow you can identify and remove firewall policies which are no longer used when a server is decommissioned to help you reduce the attack surface and keep up with your to-do list.

Thank you for watching.