FireMon Policy Planner

FireMon Policy Planner is a firewall-intelligent workflow solution that transforms security infrastructure management by automating the change process and giving firewall administrators the specific tools necessary to evolve policy and protection over time. This web-based system collects user requirements, recommends rule changes, provides detailed risk assessment of requested changes, and empowers full system audit and verification.

FireMon Policy Planner

Quickly audit that changes followed appropriate validation and verification procedures

Policy Planner works alongside existing business-process automation tools and integrates everywhere necessary to ensure critical firewall enhancements. FireMon’s approach drastically advances the change process regardless of whether organizations employ sophisticated enterprise business process software or home-grown change management tools, whether communication involves attaching spreadsheets to emails, even when they have no dedicated tools at all.

The increasingly complex device configurations interwoven from today’s firewall policies are challenging to implement at any point in time. Factor in the reality of ever-changing demands on network access and security, and manual upkeep of these systems has become nearly impossible.

Even more important than the sheer amount of time it takes to analyze the potential impact on performance and protection, configuration changes themselves must be carried out correctly. Policy Planner for FireMon Security Manager automates this entire process while documenting the purpose and ownership of all rules and decisions.

Policy Planner functional provides:

• Quickly assess the risk of requested access.
• Proactively analyze proposed changes for policy compliance.
• Reduce the cost of documenting compliance.
• Improve the firewall administrator’s efficiency.
• Enable business, technical and compliance change review.


Advanced Business Process Integration

Every organization has unique network security parameters and established management procedures. At the same time, further incorporation of industry standards builds operational consistency, streamlining critical processes to deliver crucial intelligence to numerous decision makers.

Policy Planner 3.0 combines automated analysis of network enforcement with support for the Object Management Group’s (OMG) Business Process Model and Notation (BPMN) standard, leveraging FireMon’s integrated work flow to facilitate integration with existing business process management solutions.

Via inclusion of BPMN (Version 2.0) best practices throughout analysis and rules recommendation, Policy Planner provides targeted results crucial to both business and technical users, addressing one of today’s IT security workforce management challenges.

Integration with Existing Processes

Integration with Existing Processes

Proactive Compliance Checking

Do newly added rules or configuration changes violate existing compliance policies and best practices? Having used Security Manager to clean up broad access, limit access to critical assets, and ensure that existing configurations meet corporate and regulatory guidelines, how do organizations ensure that new rules adhere to established standards?

With Policy Planner, choose those compliance checks that must be applied during the rule planning stage. Configure different checks for different device groups –applying, for example, corporate audit checks to all devices and adding PCI audit checks only to devices in a PCI compliant data environment. Audit results are displayed before the rule changes are approved, highlighting whether or not to implement policies as currently designed.

Compliance Checks

Policy Planner identifies and highlights proposed rules which would violate existing compliance policies