Advanced Firewall Manager

My Role

I built, led, and coordinated a multi-disciplinary team, including: project management, system architecture, control plane engineers, front-end development, and field engineers, through all facets of the redesign for this project, including: project scoping, requirements gathering, technology analysis, information architecture, user task flows, interaction flows, prototyping, and development.

I was responsible for defining, organizing, and conducting all aspects of user research and design validation testing. Both internal SMEs and actual users participated in interviews, surveys, focus groups, and participatory design in order to address both user behavior and attitudes.

The Problem

All work flows in the GUI suffer from the same issues: they are object based, issolate each object’s properties page, and force externalization of memery. In the case of the Advanced Firewall Management the work flow issolated rule properties from their siblings which depending on each other.

For example, a rule preceding others may take actions preventing those succeeding rules from executing. When only allowing the user to see the single rule, it makes it more difficult to understand its impacts on those that follow. Similarly, issolating the view of a latter rule’s properties forces the user to remember what came before it.

Constraints and Limitations

We were constrained to the general look-and-feel of the existing system. While we could introduce new work flows and new patterns, they were required to look familiar and feel that they belonged as part of the larger product.

Our ability to alter the backend was also limited, though not totally restricted. We knew we would be placing new demands on the backend that would require updates to their processes, but reworking deeper elements that may have improved or made available new UX patterns was not always possible.

Our Process

Our process was a straight forward user-centered design process, though it was a new process to many of those that participated. Weekly meetings, attended by design, front-end developers, back-end developers, and architects, made sure that everyone was involved through the entire design cycle. Not only that, but that design was involved during the development cycle.


My deliverables to the development team consisted of multiple storyboards, walking through each task flow that was defined per the requirements.

The Result

Our primary goal in this update was: Bring the information to the user. Traditional work flows require the user to dig down an object model, one object at a time; isolating their view to that object at each step of the way. We were able to demonstrate, without question, that these traditional patterns were no longer appropriate in a modern approach.

While the patterns we introduced were tried and true in other environments, these new ideas were unique to the product:

  1. In-line table rule editing
  2. Dynamic components, such as autocomplete
  3. Batched and staged changes
  4. Smart data entry, allowing the system to make appropriate decisions

One of the most innovative additions (given the product at hand) we introduced was the “Inspector”, a right-side panel that provided object details. A common pattern in many other products, the introduction of the Inspector was the primary example of bringing information to the user. It allowed a user to see object details without leaving the current editor and allowed the us to externalize those memory requirements.

Next Steps

We demonstrated to module owners that replacing traditional work flows with more integrated data views was possible in the current framework. This allowed other design teams to quickly start breaking out of the traditional mind set and begin flattening the presentation layers in a more user centric way. The simple introduction of the “Inspector” (a right-hand panel providing object details, without navigating to that object) was a step to demonstrating to teams how incremental updates can be used to drastically improve the user experience, without totally redesigning.

Our team was quickly approached by multiple groups seeking to introduce similar concepts, utilizing both the technologies and usability patterns we demonstrated!