OpenPMF Makes Security Policy Manageable Through Automation

Our OpenPMF™ Security Policy Automation Platform  turns human-manageable security policies automatically into the matching preventive technical implementation. It lets you manage security policies in customizable terms that matter to your organization.

  • Save time and money
  • Adopt security easily & flexibly
  • Align business, security, compliance, developers
  • Improve proactive security & agility
  • Adopt across many new & legacy technologies
  • Proven technology since 2000

OpenPMF™ Makes Security Policy Manageable Through Automation

2b1Import, analyze & visualize your networks and applications

Import existing policies (e.g. OASIS XACML)

 

2aAuthor policies

in generic, intuitive, and rich concepts, using terms you choose

  • Policy editor to author ‘policy model’
  • Most ‘pieces of information’ user-configurable, self-configuring editor
  • Rapidly customizable/flexible
  • Standards-based (Eclipse EMF)
  • Web browser based, SaaS-ready

pyramid_350

Generate enforcement

technical rules & configurations at the click of a button

OpenPMF generates “low-level” technical policy implementation from generic, intuitive expressive “high-level” policies and other – ideally already existing – information sources.

4aTest policies using formal methods

For example, you can test whether certain policies can or cannot occur.

2cDocument compliance & natural language policy

in English language text exported at the click of a button.

  • easy to read & understand
  • to make sure the policy is right
  • for audit & compliance

2bEnforce

via OpenPMF’s own runtime. Many technologies out-of-the-box

  • Fine-grained Access Control Products (XACML)
  • Development Tools (Eclipse IDE & EMF)
  • Middleware: OSGi, BPMS BPMN SOA, web app servers, DDS, CORBA/CCM, IIOP ObjectWall
  • Network Intrusion Detection Systems
  • Identity Management, Directory Services, PMI & PKI, X.509, LDAP
  • Databases: PostgreSQL (under dev.)
  • Other technologies on demand

2bExport security configurations

into 3rd party products using OpenPMF’s rapidly customizable exporter

  • Firewalls, IDS/IPS, …
  • XACML, …
  • DLP
  • OS security

Monitor

via OpenPMF’s runtime, or import alerts.

Monitor via OpenPMF’s own runtime. Many technologies out-of-the-box:

  • Fine-grained Access Control Products (XACML)
  • Development Tools (Eclipse IDE & EMF)
  • Middleware: OSGi, BPMS BPMN SOA, web app servers, DDS, CORBA/CCM, IIOP ObjectWall
  • Network Intrusion Detection Systems
  • Identity Management, Directory Services, PMI & PKI, X.509, LDAP
  • Databases: PostgreSQL (under dev.)
  • other technologies on demand

Import alerts

from 3rd party products using OpenPMF’s rapidly customizable importers

Automatically update & rapidly customize

  • policies when your IT landscape changes
  • policies and enforcement for your organization

To update, just import any changes to your IT landscape,
and simply regenerate the technical policy at the click of a button.

Customize most features of OpenPMF, including:

  • policy features
  • importers
  • exporters
  • enforcement

OpenPMF is based on industry standards (Eclipse EMF, MOF, OMG QVT etc.)

  • Import, analyze & visualize your networks and applications
  • Import your existing policies (e.g. OASIS XACML)
  • Author policies
  • Generate enforcement
  • Test policies using formal methods
  • Document compliance & natural language policy
  • Enforce policies via OpenPMF’s own runtime
  • Export security configurations
  • Monitor via OpenPMF’s runtime, or import alerts
  • Automatically update & rapidly customize
    • policies when your IT landscape changes
    • policies and enforcement for your organization