Requests without a system
Rule changes travel through Excel sheets, mail threads and WhatsApp — invisible to everyone a month later.
BulutraNET — Network governance layer
Network operations, governed.
BulutraNET turns firewall rules, VPN access and temporary exceptions into a controlled request–approve–log workflow — instead of changes living in spreadsheets, mail threads and chat.
01 The problem
Firewall changes live in chat.
Rules are requested by mail, approved verbally and applied under pressure. The policy grows; the knowledge of why it looks that way doesn't.
Temporary becomes permanent
Exceptions opened "for a week" stay open for years. Nobody remembers who asked, or why.
No change history
Who opened that port, when, for whom? The firewall config can't answer — and neither can anyone else.
Rules nobody owns
Orphaned, shadowed and any-any rules accumulate until the policy is unreadable — and unauditable.
02 How BulutraNET works
Request. Approve. Enforce — and expire.
01
Request
Every change — firewall rule, VPN access, temporary exception — starts as a structured request, not a message.
02
Approve
Network owners review with full context: source, destination, service, duration, justification.
03
Enforce & expire
Approved changes are applied and tracked. Temporary access closes itself. Every step is logged.
03 Core capabilities
The whole rule lifecycle, under control.
Firewall rule workflows
Request, review, approve — a controlled lifecycle for every rule.
Approval flows
Multi-step approvals with owners, context and a full record.
VPN access management
Grant, scope and retire remote access — per person, per duration.
Temporary access
Time-boxed exceptions that close themselves on schedule.
Rule lifecycle & expiry
Recertification and clean retirement — no orphans left behind.
Change history
Every modification attributed, timestamped and reversible.
Network visibility
A coherent map of zones, rules and flows across the estate.
Risky rule detection
Any-any, shadowed and unused rules flagged for review.
04 The workflow
From request to expiry — one governed path.
Change request
A rule, VPN or temporary-access request is opened.
BulutraNET
Owners approve with full context and duration.
Firewall
The change is applied to the device, tracked.
Access
Allowed, time-boxed or VPN — as approved.
Change log
Every step recorded; temporary access expires itself.
REQUEST → BULUTRANET → FIREWALL → ACCESS → CHANGE LOG
05 Change history & risk
Every change, on the record.
BulutraNET keeps the full story of your network policy — who requested, who approved, what changed, when it expires. The config stops being a mystery, and risky rules stop hiding in it.
09:02:11ADDrule #4821 TCP/443 LAN→DMZ · by n.kaya✓
09:40:36GRANTvpn → contractor.07 · 14 days✓
11:18:02TEMPTCP/22 → build-srv · expires in 48h✓
13:05:49FLAGany-any rule #112 · review required!
16:22:30EXPIREtemp #3380 · auto-closed✓
18:01:12REMOVEorphaned rule #097 · cleanup✓
0ACTIVE RULES
0AUTO-EXPIRED
0FLAGGED
06 Integrations
Works with the firewalls you already run.
FORTIGATE
SOPHOS
PALO ALTO
MIKROTIK
+ MORE VIA API
Vendor-neutral by design — governance sits above the device layer.
07 Use cases
Built for networks with many hands.
Municipalities
Dozens of buildings, vendors and contractors — one governed change process for all of it.
Universities
Open networks, research VLANs and dorms — flexibility without rule sprawl.
Holdings & multi-site
Local firewalls in every subsidiary — central policy, local execution, shared accountability.
Hospital groups
Segmented clinical networks with provable, auditable change control.
Take control
See BulutraNET on your own network.
A tailored demo on your topology — rule workflows, VPN access, temporary exceptions, expiry and change history, end to end.
- Response within one business day
- Tailored to your environment
- No obligation