Policy Design and Provisioning

From Access Request to Policy Change

Security Change Automation shortens the path from access request to policy change. Starting with the access request, which is structured and based on the actual services and objects on the network, SecureChangeā„¢ eliminates much of the confusion and wasted time associated with textual change requests. Once the request is approved, SecureChange uses security-intelligent technology to help administrators translate that access request into a secure and efficient policy configuration - and can even implement the change for you - automatically!

Smart Change Design Made Simple

Using Network Topology Intelligence, the Policy Designer provides a graphic display of policy rules along with the full access path between any specified source and destination. It gives security administrators vendor-specific configuration recommendations for each of the devices in the access path, making it even easier to fulfill change requests quickly and accurately. It also gives you the option to automatically provision rule changes. After the change is implemented, SecureChange automatically verifies that the change accurately resolves the original access request.


Automatic Provisioning

SecureChange can automatically execute changes on firewall security policies to dramatically reduce the time required to implement access requests and eliminate human error. Provisioning is a seamless part of the Security Change Automation workflow. The system automatically recommends the required policy changes on the relevant firewalls. After you review the recommendation, you can have SecureChange automatically provision the change.

With Automatic Provisioning, SecureChange is a complete, end-to-end solution for managing Security Change Requests from the original access request, through risk analysis, design, implementation, verification and audit.        

Automatic provisioning is currently supported for Check Point devices.;