Expedia’s Firewall
Rule Discovery System

01 - Overview

After brand technologists create a Virtual Private Cloud(VPC) they require a simplified workflow to expose it existing data centers. Several firewall rules may prevent the service from connecting without the users knowledge.

  • My Role
  • Product designer
  • Software Developer
  • Year
  • 2019 - 2020

02 - Challenge

Technologists at Expedia are often unsure of the protocol for handling firewall connection requests, given that they haven't been assigned a corresponding ticket. How do Expedians request, track, and manage requests for IP ranges to datacenters?

How might we streamline connecting a Virtual Private Cloud(VPC) to an existing Expedia data center?

Traveling with users

Firewall connectivity requests are a requirement to opening connections between environments. The firewalls and zone separation architecture improve Expedia's security stance and ensure continued compliance against PCI requirements. At Expedia the customer is responsible for identifying which connections their service requires and requesting them via the CNRQ process highlighted in this document. The CNRQ process was designed to provide the business and application teams with a method to perform firewall requests.

Software Engineer

“Who follows up on firewall requests?”

DevOps Engineer

“How do I edit a request after submission?”

Senior Systems Engineer

“How do I make sure my IP Ranges are safe for new connections?”

Goals

Streamline the connectivity request process for a Virtual Private Cloud by reducing margin of error rate.

Visibility

Users can not find IP range in string look up in service database.

Status

No list of subnets in service platform.

Mitigation

Multiple user errors during request configuration.

03 - Discovery

I found that it was difficult for users to understand what information was necessary for the Network Service team to successfully complete a firewall change request.

04 - Solution

Our solution empowers technologists at Expedia by providing a seamless and efficient protocol for handling firewall connection requests, even in the absence of assigned tickets. With our new feature, Expedians can now easily request, track, and manage requests for IP ranges to datacenters through a user-friendly interface. This streamlined process ensures clarity and accountability, ultimately enhancing the overall efficiency of Expedia's technologists in managing firewall connections.

designshowcase

“Whitelisting my application is much easier with the new tool.””

05 - Launch

Significantly reduced the risk of security breaches and enhances the overall resilience of your network infrastructure.

Manage

Now, users can effortlessly monitor the status of their network requests in real-time, providing unprecedented visibility and control over the request lifecycle."

Request

CNRQ drastically reduces the complexities associated with firewall requests, allowing users to submit requests within minutes.

Discover

Users can easily view and navigate through a detailed list of approved IP addresses they can connect to.

06 - Impact

Users can now submit, track, and manage network requests with unprecedented ease, eliminating unnecessary complexities and reducing the time required for each operation.

20%

Margin of error rate dropped by 20%.

15%

Overall NPS score increased by 15%.

1000

The new platform effortlessly manages 1,000 network requests every week.

Contact Me

Let's Talk.

peoples.develop@gmail.com