Title: GECS Account Request

Name: WTFO-0500 Status: Effective Version: 4.0 Effective Date: 10-Dec-2009

Process Steward: Wood, Chad M Dept: WT Infrastructure
Governing Procedure: WTSO-0543

Instructions 1. Complete all blocks below under “General Information”. Note

Supervisor/Business Sponsor must be a Pfizer employee.
2. Select option(s) from the “Access type” list.
3. Fill out section(s) corresponding to access type(s) requested.
4. Fill out “Business Justification” section, including justification for all
requested access types.
5. The Requestor and the Requestor’s Business Sponsor must sign a
printed copy of the form. Convey electronic copy of the form to the
Help Desk with a note that the form/request is to be submitted to the
gECS Operations queue. HelpDesk RightFax number (212)973-7220.

General Requestor’s full name: Douglas C. Roberts, Jr.

Information Requestor’s LAN ID: AMER\Roberd10
Requestor’s email address: Doug.C.Roberts@Pfizer.com
Requestor’s telephone number: 413-746-0054 X1112
Requestor’s site: Groton

Requestor’s supervisor’s/business sponsor name: Rindlisbacher, Ellen

Requestor’s supervisor’s/ bus spon telephone number: +1.734.730.1166
Date request submitted: 15-Dec-2009

General Remarks
     
Access Type Checkpoint Provider-1 -quarterly
Nokia IP series appliance(s)
Nokia Horizon Manager
Cisco CE host(s)
Blue Coat CE host(s)
Internal DNS/DHCP (QIP)
External DNS (Infoblox)
Juniper
Nortel
ECS Robots
CA eHealth
What’s Up Gold
PartnerConnect (PC) Portal
NAT Database

1
Based on WTTE-0005
v 3.0 Effective Date: 10-Nov-2009

Pfizer Internal Use

Title: GECS Account Request
Name: WTFO-0500 Status: Effective Version: 4.0 Effective Date: 10-Dec-2009
Process Steward: Wood, Chad M Dept: WT Infrastructure
Governing Procedure: WTSO-0543

Checkpoint Access level required (select all that apply):

Provider-1 Provider-1 Superuser
Customer Manager with read-only access to CMAs (list CMAs separated by
commas):                
Customer Manager with read-write access to CMAs (list CMAs separated by
commas):                
Customer Manager with customized access to CMAs (list CMAs separated by
commas):                
List all customizations, indicating “read only” or “read/write” access for every
permission; permissions not listed are assumed to be “No access”:
               
Customer Superuser for CMAs (list CMAs separated by commas):
               
Provider-1 Superuser
Nokia IP series Identify all Nokia IP series hosts for which access is requested (comma-separated
appliance(s) list):
               
or
Global access (all hosts)
Access level required (select one):
admin IPSO account (UID 0)
non-privileged IPSO shell access
Nokia Horizon Identify the scope and type of access required:
Manager Full administrative access to all Nokia hosts
Read-only access to all Nokia hosts
Administrative access to some Nokia hosts only (specify below in a comma-
separated list):
               
Read-only access to some Nokia hosts only (specify below in a comma-
separated list):
               
Cisco CE hosts Identify all Cisco CE hosts for which access is requested (comma-separated list):
               
or
Global access (all hosts)
Access level required (select one):
Full administrative ACNS account (privilege level 15)
Non-privileged ACNS shell access (specify privilege level      )
Blue Coat CE Identify all Blue Coat CE hosts for which access is requested (comma-separated
hosts list):
               
or
Global access (all hosts)
Access level required (select one):
Full administrative
Non-privileged

2
Based on WTTE-0005
v 3.0 Effective Date: 10-Nov-2009

Pfizer Internal Use

Title: GECS Account Request
Name: WTFO-0500 Status: Effective Version: 4.0 Effective Date: 10-Dec-2009
Process Steward: Wood, Chad M Dept: WT Infrastructure
Governing Procedure: WTSO-0543

QIP Access Identify the scope and type of access required:

Type DNS DHCP

Admin Access
Global Access
Regional Access
AMER
APAC
EMEA

External DNS Identify the scope and type of access required:

(Infoblox) Full administrative access
Read-only access

Juniper Identify the scope and type of access required:

Full administrative access
Read-only access

Nortel Identify all Nortel hosts for which access is requested (comma-separated list):
               
or
Global access (all hosts)
Access level required (select one):
Manage (read/write)
View Only (read-only)

ECS Robots Identify all ECS Robots for which access is requested (comma-separated list):
               
or
Global access (all hosts)
Access level required (select one):
Full administrative access
Read-only access

CA eHealth Identify the scope and type of access required:

Full administrative access
Read-only access

What’s Up Identify the scope and type of access required:

Gold Full administrative access
Read-only access

3
Based on WTTE-0005
v 3.0 Effective Date: 10-Nov-2009

Pfizer Internal Use

Title: GECS Account Request
Name: WTFO-0500 Status: Effective Version: 4.0 Effective Date: 10-Dec-2009
Process Steward: Wood, Chad M Dept: WT Infrastructure
Governing Procedure: WTSO-0543

PC Portal Identify the scope and type of access required:

Administrative
PC Queue Manager
PC Analyst
Security Analyst
Operations Analyst
Report User
Read-only access

NAT Database NAT IP Admin

BUSINESS JUSTIFICATION
Summarize the reasons you need the requested access:
GNS ECS Level 2
GNS ECS Level 3
Other – please explain
As a global build coordinator, access is required to add DNS entries for new VMguests as they are
being created in the global datacenters          

RISK ANALYSIS
Summarize the risk to Pfizer systems and network integrity if the systems should become
compromised through this access, if granted:
The access for the build coordinators has been scaled back such that the build coordinators only
have access to the subnets resevered for VMguests. All SP&R build coordinators have completed
the relavent P2L courses and have been instucted on how to prevent IP conflicts through the use of
the tool.          

ACCOUNT HOLDER RESPONSIBILITIES

ACCOUNT REQUESTOR MUST READ AND SIGN TO ACKNOWLEDGE

1. I have read and understood the contents of WTST-0117 gECS Access Control
Standard, particularly with regard to password complexity and discipline. I
will comply with this standard in all respects.
2. I have read and understood all applicable training documentation as directed
by the SME for this type of account.
3. I will not modify my own or others’ account privileges without proper
authorization and documentation as specified in WTSO-0543 gECS Account
Request SOP.
4. I understand that this account has been granted for performance of specific
tasks, as directed. Regardless of my account’s privilege level, I will not use it
to exceed the scope of my duties. I will never act to bypass logging or audit
record-keeping by any host or application.
4
Based on WTTE-0005
v 3.0 Effective Date: 10-Nov-2009

Pfizer Internal Use

Title: GECS Account Request
Name: WTFO-0500 Status: Effective Version: 4.0 Effective Date: 10-Dec-2009
Process Steward: Wood, Chad M Dept: WT Infrastructure
Governing Procedure: WTSO-0543

5. If I should have any reason to believe my account may have been

compromised, I will change the password and notify the System Owner
immediately.

Acknowledgement By Account Account Requestor

Requestor
I have read the Account Holder Responsibilities Statement above. I understand
that I am accountable for all actions performed with this account.

Print Requestor’s name Douglas C. Roberts, Jr     

Signature
Date

Approved By Requestor’s Signature of Pfizer FTE/Business Sponsor

Business Sponsor (a Pfizer
FTE) I approve that this access is required and justified for the requestor.

Print Approver’s name Rindlisbacher, Ellen          

Approver Signature
Date

Approved by System Owner / Signature of System Owner / Designated Approval

Designated Approval
Authority Authority
I approve the creation of this account.

Print Name Chad M Wood          

Signature
Date

REVISION HISTORY
Version Author Date Revisions
1.0 Chad M Wood 11-Dec-2008 Supersedes CITFO-0726. Contents
migrated to WT Repository by WT
Records Management. Approval of
this WT document follows Deviation
1476.
2.0 CWood 12-Feb-2008 Updated to reflect the correct
signature requirements. Updated to
remove ACE Account creation, and
to add Blue Coat, Nortel and
Infoblox, ECS Robots, CA eHealth,
What’s Up Gold Account creation.
5
Based on WTTE-0005
v 3.0 Effective Date: 10-Nov-2009

Pfizer Internal Use

Title: GECS Account Request
Name: WTFO-0500 Status: Effective Version: 4.0 Effective Date: 10-Dec-2009
Process Steward: Wood, Chad M Dept: WT Infrastructure
Governing Procedure: WTSO-0543

Version Author Date Revisions

3.0 Stephanie Fritz 03-Dec-2009 Minor Revision to update the QIP
roles only and to designate for region.
4.0 Stephanie Fritz 08-Dec-2009 Minor Revision to remove the GNS
ECS Level 1 option for the QIP
access type.

6
Based on WTTE-0005
v 3.0 Effective Date: 10-Nov-2009

Pfizer Internal Use