AWS Control Tower vs. Tufin Orchestration Suite

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
AWS Control Tower
Score 7.9 out of 10
N/A
The vendor presents AWS Control Tower as the easiest way to set up and govern a new, secure multi-account AWS environment. With AWS Control Tower, builders can provision new AWS accounts in a few clicks, while knowing new accounts conform to company-wide policies.N/A
Tufin Orchestration Suite
Score 8.1 out of 10
N/A
Israeli company Tufin offers a firewall security management offering via the Tufin Orchestration Suite, including SecureApp for managing network connectivity, SecureChange network change automation, and SecureTrack multi-vendor and next-generation firewall management.N/A
Pricing
AWS Control TowerTufin Orchestration Suite
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
AWS Control TowerTufin Orchestration Suite
Free Trial
NoNo
Free/Freemium Version
NoNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
AWS Control TowerTufin Orchestration Suite
Top Pros
Top Cons
Features
AWS Control TowerTufin Orchestration Suite
Firewall Security Management
Comparison of Firewall Security Management features of Product A and Product B
AWS Control Tower
-
Ratings
Tufin Orchestration Suite
8.3
2 Ratings
1% above category average
Policy planning and rule management00 Ratings9.42 Ratings
Automated Policy Orchestration00 Ratings8.12 Ratings
Device Discovery00 Ratings7.12 Ratings
Policy Compliance Auditing00 Ratings8.82 Ratings
Attack Path Simulation Testing00 Ratings5.92 Ratings
Anomalous Event or Behavior Deviation00 Ratings9.01 Ratings
Vulnerability Scans00 Ratings9.01 Ratings
Firewall Rule Cleanup00 Ratings9.42 Ratings
Best Alternatives
AWS Control TowerTufin Orchestration Suite
Small Businesses
AlienVault USM
AlienVault USM
Score 7.8 out of 10

No answers on this topic

Medium-sized Companies
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.2 out of 10
Palo Alto Panorama
Palo Alto Panorama
Score 8.9 out of 10
Enterprises
CrowdStrike Falcon
CrowdStrike Falcon
Score 9.2 out of 10
Palo Alto Panorama
Palo Alto Panorama
Score 8.9 out of 10
All AlternativesView all alternativesView all alternatives
User Ratings
AWS Control TowerTufin Orchestration Suite
Likelihood to Recommend
8.3
(3 ratings)
7.5
(4 ratings)
User Testimonials
AWS Control TowerTufin Orchestration Suite
Likelihood to Recommend
Amazon AWS
We were wanting to prove the concept of a low touch process for quickly spinning up boilerplate AWS environments. We were able to get started quickly and to ensure that the AWS Well-Architected Framework principles were followed - at least upfront - however, we found that for our use case and expertise level it ultimately wasn't a fit. We have the skills on our team to manage more of this on our own. My recommendation would be contingent on what skills are already available on your team: if you can "do it yourself" you might as well so that you don't pay for resources you don't need and you have finer grain control over what's created.
Read full review
Tufin
Well suited scenarios - 1) Firewall Policy / Ruleset management 2) Where all the products are from Tufin like TOS ST, SC, SecureApp etc 3) Where customer focuses on ruleset compliance - USP violations, and other features Less suited - 1) Agnostic/distributed environment - Tough with integrate with 3rd party like CyberArk 2) FW recertification processes / exception process when complex process is included
Read full review
Pros
Amazon AWS
  • Easily create new AWS accounts.
  • Easily secure and manage AWS accounts.
  • Landing zone with SSO is a huge win for larger teams.
Read full review
Tufin
  • Firewall management
  • Compliance reports
  • Unused rules and optimization
  • Policy Automation
Read full review
Cons
Amazon AWS
  • The AWS SSO GUI is not very intuitive and determining how to apply policies to users without creating redundant logins has been a challenge.
  • The default guardrails do not fully encompass all the security checks that we needed.
  • There does not appear to be any way to control roles at the IAM level from the control tower account through the GUI.
  • Some features on AWS accounts still require logging into the individual account with the root user and cannot be done from AWS Control Tower.
Read full review
Tufin
  • Palo Alto Networks Integration
  • Better/more user friendly api for integration with ticketing systems
  • Web UI structure is not user-friendly
Read full review
Alternatives Considered
Amazon AWS
Using AWS Systems Manager and other slightly lower level components has been helpful for us to manage parts of our AWS presence at a more granular level than AWS Control Tower was designed for. It's not at all an apples-to-apples comparison as they solve different use cases, but for us, the use case associated with AWS Systems Manager was a better fit for our specific needs and skillsets. We did not need everything that AWS Control Tower was doing for us.
Read full review
Tufin
1) Fairly okay overall but definitely needs improvement overall Vs the other products available in the market like Palo Alto XSOAR 2) Cost wise okay at the beginning but when client demands add-ons/ more features/customization tailored to their needs, Tufin Orchestration Suite recommends RFE / custom costs/development costs 3) USP feature is cool to use overall Vs FireMon 4) Tufin ProServ needs to buckle-up/Support compared to other competitors in the market
Read full review
Return on Investment
Amazon AWS
  • Less time manually deploying accounts which was error prone.
  • Central logging allowed us to have 1 place to view logs.
Read full review
Tufin
  • I think if you correctly configure your SIEM, you don't need Tufin. You can correlate a lot of things for firewalls.
Read full review
ScreenShots