About Policy Planner
Policy Planner is a complete workflow ticketing solution in the Security Intelligence Platform that integrates with Security Manager to allow requesters, managed by administrators, to accept change requests to a firewall and oversee the change management system, including risk and compliance. As with all FireMon products, the goal of Policy Planner is to help a security administrator protect the overall security posture of an organization.
Your ability to view and work a ticket within a given task is determined by the workflow permissions set by your administrator. Workflow tasks eliminate rule redundancy and hierarchical misplacement; they also mitigate risk and maintain your existing security posture as you add, delete or modify rules, and run assessments proactively against a proposed access on an enforcement point in order to ensure that your organization meets compliance requirements as stated in FireMon's security policy.
Policy Planner is highly extensible with fully maintained and supported API to allow for direct integration into third-party products. The end-result is a customer relationship management experience with Policy Planner in your business enterprise.
The communication protocol for Policy Planner is TCP port 443 that provides a tunnel from the browser to the application server. Port 443 provides Policy Planner access and the ability to export configurations from Security Manager over a secure socket layer (SSL).
About the Workflow Process
After you create a ticket in Policy Planner, the ticket enter the workflow queue at the Design task. The workflow process involves a user requesting access, then someone (which may or may not be that same user) has to design or create that access and design the rules; someone then has to review and approve what has been designed, and then the design is staged for implementation on the enforcement point. The design then needs to be verified which means the stakeholders need to agree that they implemented what they said they'd implement and that the design met the objectives of the business.
At this point, the ticket can be marked complete. There's a full list of features and user interface commands both in the design-phase operations and in the operations of workflow itself. You can take a number of actions in workflow such as sending a ticket back to get additional information or comments, or you can reassign a ticket to another user if you have the privileges to do so.
About Licenses
You must have a valid FireMon license to log in to Policy Planner. At login, the system determines whether the server you have licensed is Enterprise or a MSSP. If your Policy Planner product is licensed as Enterprise, you will be taken directly into Policy Planner to begin working. If the server is licensed as a MSSP, the system determines the number of domains available to you, and if you have access to more than one domain, you are prompted to select a domain. If you have access to only one domain, the system will not display the dialog box and instead take you directly into Policy Planner using the one domain target.
If you are experiencing licensing problems, contact your FireMon sales representative.