FireMon Change Automation – the right rule at the right time.

Network provisioning is typically a time-consuming and unstandardized process that can lead to configuration errors that negatively impact security and compliance. FireMon’s Policy Planner provides automated change workflows and analysis to ensure consistency and accuracy from design to review to implementation.

Why FireMon Policy Planner?

A part of the Security Manager Suite, FireMon Policy Planner enables a consistent, streamlined process for provisioning new or updated network access, reducing the time required for simple, low-risk change requests and freeing up resources to perform review of those that are more complex.

The FireMon Change Workflow

Policy Planner’s out-of-the-box workflow was designed with years of insight into the best practices in use across hundreds of our customers. We’ve also designed the platform so that the workflow can be customized to match the processes and tools that you’re already using.


Gather the necessary information from the start to ensure changes enable the business AND don’t increase risk.


Analyze planned changes prior to implementation to speed up the design process.


Compare changes against existing controls to determine impact to compliance and complexity.


Prioritize changes and push manually or automatically – depending on your device.


Confirm that the changes made match what was designed and approved.


Use integrated FireMon products to manage the rule through its complete lifecycle.

Doesn’t look like your process?

Security is not a one-size-fits-all solution, and neither is the workflow to support it. FireMon Professional Services can easily and quickly customize the “base” workflow to more closely support your existing process – add additional reviews, notifications, integrations with other ticketing systems.  Request a no-obligation assessment of your workflow today.

Key Product Features

  • Change Request: with structured/required input fields and input field validation.
  • Rule Recommendation: determine if a new rule is necessary or if an existing rule can be modified to achieve requested access.
  • Impact Determination: assess the impact a proposed change will have on compliance, complexity and your FireMon Security Index .
  • Skip-Review: bypass the review step for changes deemed “low-risk” by your established criteria.
  • Documentation: log the change that was made and any problems that occurred during implementation.
  • CLI Command Recommendation: generate the syntax required to implement changes on Cisco ASAs.
  • Policy Auto-Write: coming soon! automate implementation of approved policy changes.
  • Auto-Verify: check implemented changes against what was planned and approved (manual verification also available)

Policy Planner Resources

“FireMon is the best thing that has happened to firewalls and the network security market since inception. We can’t imagine a day without having FireMon in our customer networks.”
Associate Vice President, Spire Solutions
“[FireMon provides] ease of use through a device centric approach. Discovery can be accomplished through a high level report template or low level markup language. [FireMon is] very powerful and easy to use.”
Information Security Solution Engineer, CVS Caremark
“The FireMon Security Manager Training was very helpful with my day-to-day operational tasks and the instructors provided a lot of best practices configuration tips. Overall, I would recommend this class to the rest of my colleagues.”
Stacy V., Large financial institution in Southern California
“After we cleaned up our firewalls, the time it takes to add new rules is drastically reduced. We should have done this years ago. Very grateful for this solution!”
Anonymous, FireMon
“I feel like we’ve taken our firewall processes from ad-hoc to CMM level 5 with FireMon. Changes are planned and repeatable and we have a process to get the old rules out.”
Anonymous, FireMon


Experience the power of FireMon's Security Manager with Policy Planner by taking it for a risk free 30-day trial.