facebook logolinkedin logoyoutube logo

Important information for former Skybox customers. Please click here to learn about FireMon’s migration programs

Learn More
firewall management photo

Policy Planner by FireMon

Firewall Policy Change Automation without Risk

Automate firewall change management to eliminate errors and increase business agility.

REQUEST A DEMOVIEW DATASHEET

Change Firewall Policies, Not Your Security Posture

The overwhelming majority of firewall and cloud security breaches stem from misconfigurations, not the controls themselves. Beyond introducing opportunities for error and expanding the threat surface, manual change management processes for complex on-premises and cloud environments are resource-intensive and hinder business agility.

FireMon Policy Planner main panel

FireMon Policy Planner

The Policy Planner module for Policy Manager is a network security automation and orchestration tool that controls the entire change management process while providing analysis, recommendations, and compliance checks prior to implementation. Proposed changes are automatically analyzed and checked against pertinent compliance and best practice guidelines. Rule recommendations compare existing rulesets against proposed changes to eliminate redundancy or duplicate access. With Policy Planner, reviewers can see access paths, vulnerabilities, and even audit results prior to pushing a rule live.

 

Policy Planner delivers:

  • Automated change management across the entire rule lifecycle, improving administration efficiency
  • Real time risk assessment gives instant visibility into potential issues
  • Rule set behavior analysis reduces complexity and increases efficiency
  • Pre-flight compliance and best practice checks ensure rules comply prior to implementation
  • Comprehensive policy automation allows organizations to automate at their own pace and confidence level
  • Business process integration allows Policy Planner to integrate with your existing process management solutions including ServiceNow and Remedy

Best-in-Class Firewall Rule Review Capabilities

Policy Planner Workflow automation

Policy Creation Workflow Automation

Minimize the opportunity for error and drastically increase speed with security policy orchestration across the entire rule creation and change management process.

  • Firewall rule automation for change commands, and changes to network, service, and group objects
  • Stage planned rules on a device from within the Policy Planner security automation module
  • Track comments, attachments, task history, and complete detail of all actions that occurred on a ticket
  • When paired with Policy Optimizer, rule decommissioning can be completely automated
Policy Planner assess risk and compliance

Real-Time Risk Assessment and Compliance Checks

Comprehensive analysis of proposed changes detects when new access will uncover vulnerable systems or increase the risk profile.

  • Real-time detection of vulnerable systems being uncovered by proposed changes
  • Pre-change analysis evaluated proposed changes for impacts to security, device complexity, and rule risk for the device in question
  • Proactively analyze proposed changes for compliance with regulatory and business requirements
Policy Planner rule recommendation

Proactive Rule Analysis and Recommendations

Determine if proposed changes are unnecessary or redundant in real time through automated analysis of existing rulesets.

  • Automated analysis of existing ruleset behavior with real-time recommendation to changes
  • Review which devices and policy rules may need to be modified to implement a requested change
  • Recommendations provided on potential actions to take on both the rule and the object
  • Device groups can be configured using different sets of rule checks
Policy Planner ITSM Integration

Comprehensive Business Process Integration

Integrate seamlessly with existing process management solutions to ensure the right teams are involved.

  • Policy Planner adheres to Business Process Model and Notation (BPMN) best practices
  • Integrate with a range of ITSM such as ServiceNow and Remedy to automate review by all applicable teams
  • Full-text search capabilities and ad-hoc queries based on any ticketing requirements-related fields
  • Full customization for change request forms and controls to meet organizational needs
Policy Planner Cover

Learn More About Policy Planner

  • Compliance Simulations for Change
  • Policy Standardization and Optimization
  • Policy Deployment and Migrations
VIEW DATASHEET

Frequently asked questions

What is FireMon Policy Planner?

FireMon Policy Planner is a change automation and orchestration module for Policy Manager that streamlines and secures the entire firewall and cloud policy change process. It provides automated analysis, compliance checks, and rule recommendations before deployment to reduce risk and accelerate change approvals.

How does Policy Planner reduce policy change risk?

Policy Planner reduces change risk by performing real-time risk assessments and compliance checks before changes are made. It automatically detects if a proposed rule exposes vulnerable systems or violates policy, enabling teams to fix issues before implementation

Can Policy Planner automate policy workflows?

Yes, Policy Planner automates the entire rule lifecycle, including rule creation, analysis, and deployment. It stages changes, tracks approvals, and integrates with ITSM tools to ensure efficient and auditable workflows.

Does Policy Planner support compliance checks before deployment?

Yes, Policy Planner performs pre-deployment compliance checks to ensure all proposed rules meet internal and regulatory requirements such as PCI-DSS, NERC-CIP, and more. This prevents non-compliant rules from entering production environments.

How does Policy Planner help identify redundant or unnecessary rules?

Policy Planner analyzes existing rulesets to detect redundancies or overlaps in proposed changes. It delivers real-time recommendations to optimize policies and reduce unnecessary complexity during the change process.

How does Policy Planner help identify redundant or unnecessary rules?

Policy Planner analyzes existing rulesets to detect redundancies or overlaps in proposed changes. It delivers real-time recommendations to optimize policies and reduce unnecessary complexity during the change process.

What ITSM platforms does Policy Planner integrate with?

Policy Planner integrates with leading ITSM platforms such as ServiceNow and Remedy. It enables ticket tracking, comment logging, attachment uploads, and automated reviews across change management workflows.

Can Policy Planner be customized for my organization’s processes?

Yes, Policy Planner is fully customizable to align with your business process management model. It supports custom forms, workflows, and rule validation criteria tailored to your internal controls and audit needs.

Is Policy Planner only for firewalls?

No, while Policy Planner supports firewall rule changes, it also handles modifications to network, service, and object groups across hybrid and multi-cloud environments. It scales with your infrastructure.