OpenPMF 4.0 Security Policy Automation and Management Platform stops security breaches and data leakage with powerful policy enforcement, and makes security policy manageable through automation. OpenPMF is the “umbrella” platform for security policy management. It allows organizations to implement rich policies with consistency – organization-wide “in depth” across many technologies and layers.
OpenPMF lets you do this in a way that is easy to implement, manage and audit. You can author and maintain powerful yet intuitive security policies across your IT landscape , including for example Attribute Based Access Control (ABAC) based on rich, customizable attributes such as location, time and context. OpenPMF automatically calculates the matching technical enforcement rules and configurations for you – automatically bridging the ‘semantic gap’ between human intuitive generic security policies and the detailed technical implementation. OpenPMF reduces risk/costs, improves security & compliance, and enables smarter business.
ObjectSecurity OpenPMF lets you easily author generic and advanced security policies. It enables you to maintain “one truth” of the undistorted, feature-rich, expressive policies. OpenPMF automatically calculates the matching technical rules & configurations for the underlying IT landscape, integrating either via OpenPMF’s own enforcement software agents, or via rapidly customizable exporters to configure third party products.
OpenPMF is powerful and scalable: such generic policies will not need to be changed often, even if your IT landscape changes. OpenPMF simply re-calculates the technical updates for you. Unlike competing technologies, OpenPMF makes advanced access policies both manageable and implementable. It integrates out of the box with numerous standards and technologies, and automates much of policy authoring and enforcement.
What problem does OpenPMF solve?
When securing your organization’s interconnected IT landscape…There are too many rules & configurations, and too many changes to do this manually. It’s unmanageable. The policy you wanted isn’t all that complex and long if you write it out in human-intuitive concepts and terms. The policy gets very simple if you capture it in generic concepts.OpenPMF lets you easily author such generic policies and many more advanced generic policies. OpenPMF automatically calculates the matching technical rules & configurations. Even better, such generic policies won’t need to be changed often, even if your IT landscape changes! OpenPMF simply re-calculates the technical updates for you!
OpenPMF: Unique benefits
OpenPMF helps you implement and manage better access policies: you can robustly implement the necessary access control policies across your IT andscape based on rich, customizable attributes including location, time and context. OpenPMF makes access control mode effective, auditable and manageable across your interconnected IT landscape for all stakeholders. It reduces cost, and improves security and compliance. It also speeds up and simplifies security implementation, maintenance, and testing. It is often implemented as part of Identity & Access Management (IAM) initiatives, which all major enterprises and governments have.
How does OpenPMF work?
OpenPMF’s policies are captured in generic terms , rather than in technical security rules. This way, OpenPMF policies typically do not have to change when the application landscape (e.g. web application interactions) changes. OpenPMF automatically generates the technical security enforcement rules from those models by automatically analyzing the applications with all their interactions, and inferring which rules are required to enforce the requirements defined in the models. OpenPMF (patent-pending) ensures policies are manageable even if IT landscapes are large and change dynamically. The result is a significant cost saving, esp. with respect to maintenance.
Interested to learn more and understand how your organisation can benefit from OpenPMF. Request a free licence for the OpenPMF SaaS trial.
OpenPMF let’s you:
- Import, analyze and visualize your networks & applications. OpenPMF uses your existing information to simplify policy automation.
- Import existing security policies into OpenPMF as a basis for the policies you will manage in OpenPMF.
- Author policies in generic, intuitive, and rich concepts, using terms you choose.
- Generate enforcement technical rules & configurations at the click of a button.
- Test policies using formal methods. For example, you can test whether certain policies can or cannot occur.
- Document compliance & natural language policy in English language text exported at the click of a button.
- Enforce policies via OpenPMF’s own runtime.
- Export security configurations into 3rd party products using OpenPMF’s rapidly customizable exporter.
- Monitor via OpenPMF’s own runtime. Many technologies out-of-the-box and import 3rd party alerts.
- Automatically update & rapidly customize policies when your IT landscape changes and policies & enforcement for your organization.