Policy Design and Provisioning
From Access Request to Policy Change
Security Change Automation shortens the path from access request
to policy change. Starting with the access request, which is
structured and based on the actual services and objects on the
network, SecureChangeā¢ eliminates much of the confusion and wasted
time associated with textual change requests. Once the request is
approved, SecureChange uses security-intelligent technology to help
administrators translate that access request into a secure and
efficient policy configuration - and can even implement the change
for you - automatically!
Smart Change Design Made Simple
Using Network Topology
Intelligence, the Policy Designer provides a graphic display of
policy rules along with the full access path between any specified
source and destination. It gives security administrators
vendor-specific configuration recommendations for each of the
devices in the access path, making it even easier to fulfill change
requests quickly and accurately. It also gives you the option to
automatically provision rule changes. After the change is
implemented, SecureChange automatically verifies that the change
accurately resolves the original access request.
Automatic Provisioning
SecureChange can automatically execute changes on firewall
security policies to dramatically reduce the time required to
implement access requests and eliminate human error. Provisioning
is a seamless part of the Security Change Automation workflow. The
system automatically recommends the required policy changes on the
relevant firewalls. After you review the recommendation, you can
have SecureChange automatically provision the change.
With Automatic Provisioning, SecureChange is a complete,
end-to-end solution for managing Security Change Requests from the
original access request, through risk analysis, design,
implementation, verification and audit.
Automatic provisioning is currently supported for Check Point
devices.
