Methods, systems, and computer program products for modeling a secure production network are provided. A method includes generating a test network for emulating production operations, capturing and analyzing data traffic occurring over the secure production network and a non-secure production network, and determining data flow requirements for isolating the secure production network and the non-secure production network from the test network. The data flow requirements are determined from results of data traffic capture and analysis. The method also includes generating business log from the data flow requirements and applying the business logic to a firewall associated with the test network. The business logic permits transmission of a subset of secure production data to the test network and prevents receipt of incoming transmission at the secure production network.