diff --git a/ansible/browbeat/adjustment-firewall_driver.yml b/ansible/browbeat/adjustment-firewall_driver.yml
new file mode 100644
index 000000000..c7cb19f51
--- /dev/null
+++ b/ansible/browbeat/adjustment-firewall_driver.yml
@@ -0,0 +1,19 @@
+- hosts: controller
+  remote_user: heat-admin
+  gather_facts: false
+  vars:
+    ansible_become: true
+    driver: neutron.agent.linux.openvswitch_firewall:OVSFirewallDriver
+  roles:
+  - neutron-firewall
+
+- hosts: compute
+  remote_user: heat-admin
+  gather_facts: false
+  vars:
+    ansible_become: true
+    driver: neutron.agent.linux.openvswitch_firewall:OVSFirewallDriver
+  roles:
+  -  neutron-firewall
+
+
diff --git a/ansible/browbeat/roles/neutron-firewall/handlers/main.yml b/ansible/browbeat/roles/neutron-firewall/handlers/main.yml
new file mode 100644
index 000000000..075a3d9c1
--- /dev/null
+++ b/ansible/browbeat/roles/neutron-firewall/handlers/main.yml
@@ -0,0 +1,35 @@
+---
+#
+# Neutron handlers for browbeat adjustment
+#
+
+- name: unmanage neutron services
+  command: pcs resource unmanage {{ item }}
+  with_items:
+    - neutron-openvswitch-agent
+    - neutron-server
+    - neutron-l3-agent
+  ignore_errors: true
+
+- name: restart neutron services
+  service: name={{ item }} state=restarted
+  with_items:
+    - neutron-openvswitch-agent
+    - neutron-server
+    - neutron-l3-agent
+
+- name: manage neutron services
+  command: pcs resource manage {{ item }}
+  with_items:
+    - neutron-openvswitch-agent
+    - neutron-server
+    - neutron-l3-agent
+  ignore_errors: true
+
+- name: cleanup neutron services
+  command: pcs resource cleanup {{ item }}
+  with_items:
+    - neutron-openvswitch-agent
+    - neutron-server
+    - neutron-l3-agent
+  ignore_errors: true
diff --git a/ansible/browbeat/roles/neutron-firewall/tasks/main.yml b/ansible/browbeat/roles/neutron-firewall/tasks/main.yml
new file mode 100644
index 000000000..f5a10ac6b
--- /dev/null
+++ b/ansible/browbeat/roles/neutron-firewall/tasks/main.yml
@@ -0,0 +1,18 @@
+- name: Configure the firewall driver
+  ini_file:
+    dest: "{{ item.file }}"
+    mode: 0640
+    section: "{{ item.section }}"
+    option: "{{ item.option }}"
+    value: "{{ item.value }}"
+    backup: yes
+  with_items:
+    - { file: /etc/neutron/plugins/ml2/ml2_conf.ini, section: securitygroup, option: firewall_driver, value: "{{ driver }}" }
+    - { file: /etc/neutron/plugins/ml2/openvswitch_agent.ini, section: securitygroup, option: firewall_driver, value: "{{ driver }}" }
+  notify:
+    - unmanage neutron services
+    - restart neutron services
+    - manage neutron services
+    - cleanup neutron services
+
+