Server Lock Down

This procedure describes and defines the processes and procedures that will be used to manage service requests (SRs) to perform a Server Lockdown. The Service Request will be created for every server build or whenever it is determined by a security organization in an organization that a server is has open access or is in some way violating corporate security rules.


The authorization process begins when the Requester submits a service request for a lockdown of a server. The process completes when the tasks have been completed a successful security scan is completed the service request is closed.

The following tasks are performed as part of the authorization process:
  1. Prerequisite action
  2. Approval request (validate and approve)


This procedure is part of the overall Build New Server Service Request. Server Lockdown is the responsibility of both IBM and the IBM Customer. The procedure ends when all activities related to a Server Lockdown Service Request are completed and the Service Request is closed.

The roles responsible for managing the server lockdown request procedure are the Project Manager or other requester, Server Build team, QA, or other independent security analyst.

The following tasks are performed as part of the fulfillment process:
  1. IBM Server Lockdown
    1. Install lockdown software
    2. Configure settings
    3. Reboot if necessary
    4. Run security scan
    5. Repeat steps b-d if required
  2. QA or other independent Security Analyst scan and completion
    1. Run Independent Security Scan
    2. E-mail requestor upon successful completion
    3. Close request

Resource assignment

Direct assignment by analysts to specialist or the team queue. This is described as part of the fulfillment activities as the assignments are made.

Role assignment

Note that roles several roles may be performed by the same individual.

Table 1. Server Lockdown role assignment
Role Responsibilities related to Server Lockdown Requests
Project Manager or Requester Requests server lockdown
Server lockdown Approver Approves Service Requests. The approver also analyzes requests, assigns requests to appropriate queues, assigns SLA targets, assigns SR numbers, opens SR activities for assigned service providers.
Security Specialist (Fulfiller) Installs Security software (Dependent on server type), configures servers to plug all known security holes, and runs security scan software.
QA/Security Team (Fulfiller) Security Scans are to be run, an approval/completion email sent to requester and the service request closed.