Tufin Orchestration Suite

Tufin Orchestration Suite

Score 8.1 out of 10
Tufin Orchestration Suite

Overview

What is Tufin Orchestration Suite?

Israeli company Tufin offers a firewall security management offering via the Tufin Orchestration Suite, including SecureApp for managing network connectivity, SecureChange network change automation, and SecureTrack multi-vendor and next-generation firewall management.
Read more

Recent Reviews

Read all reviews
Return to navigation

Product Demos

Tufin Orchestration Suite and VMware NSX
03:19
Return to navigation

Product Details

What is Tufin Orchestration Suite?

Israeli company Tufin offers a firewall security management offering via the Tufin Orchestration Suite, including SecureApp for managing network connectivity, SecureChange network change automation, and SecureTrack multi-vendor and next-generation firewall management.

Tufin Orchestration Suite Video

Tufin Orchestration Suite and VMware NSX

Tufin Orchestration Suite Technical Details

Operating SystemsUnspecified
Mobile ApplicationNo
Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

 (14)

Reviews

(1-4 of 4)
Popular Filters
Companies can't remove reviews or game the system. Here's why
August 31, 2021

Firewall Policy Management made somewhat easy!

Verified User
Team Lead in Information Technology
Financial Services Company, 5001-10,000 employees
Score 6 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
We use Tufin Orchestration Suite products for various clients and for US EST biggie Insurance company. We implement/proposed it to the client to solve the problem of Firewall Audit / Firewall rule reviews, recertifying FW rules, identifying UNUSED rules with no hits. It helps our clients in managing FW rulesets / and keeping security posture of the ruleset intact. We also integrated it with Service NOW / ITSM solution
Pros and Cons
  • Firewall Policy Management
  • Workflows and its integration with Firewall change process
  • Capturing LAST_HITS data for FW rules
  • Tufin SecureChange needs to be more agnostic, easy to integrate with Service NOW
  • JSON payload identification for Tufin SecureChange while integrating it with SNOW
  • customization should be made more easy, like custom dashboarding
  • Tufin Orchestration Suite Professional services experience could be also improved overall - Taking more ownership
  • API calls to 3rd party tools should be more flexible
Likelihood to Recommend
Well suited scenarios -
1) Firewall Policy / Ruleset management
2) Where all the products are from Tufin like TOS ST, SC, SecureApp etc
3) Where customer focuses on ruleset compliance - USP violations, and other features
Less suited -
1) Agnostic/distributed environment - Tough with integrate with 3rd party like CyberArk
2) FW recertification processes / exception process when complex process is included
Tufin Orchestration Suite Feature Ratings
Firewall Security Management (8)
53.75%
5.4
Policy planning and rule management
90%
9.0
Automated Policy Orchestration
70%
7.0
Device Discovery
60%
6.0
Policy Compliance Auditing
80%
8.0
Attack Path Simulation Testing
40%
4.0
Anomalous Event or Behavior Deviation
N/A
N/A
Vulnerability Scans
N/A
N/A
Firewall Rule Cleanup
90%
9.0
Return on Investment
  • 35,000 USD/Grand extra client had to pay for add-on licensing (HA)
  • Good FW policy management feature overall ( LAST_HITS)
  • Tufin Orchestration Suite again asking for OS upgrade to TOS Aurora
Alternatives Considered
  • FireMon, AlgoSec and Palo Alto Networks Cortex XSOAR (formerly Demisto)
1) Fairly okay overall but definitely needs improvement overall Vs the other products available in the market like Palo Alto XSOAR
2) Cost wise okay at the beginning but when client demands add-ons/ more features/customization tailored to their needs, Tufin Orchestration Suite recommends RFE / custom costs/development costs
3) USP feature is cool to use overall Vs FireMon
4) Tufin ProServ needs to buckle-up/Support compared to other competitors in the market
Other Software Used
Cisco ASA, Checkpoint Halo, Splunk Application Performance Monitoring (APM), FireMon
June 21, 2021

The best Firewall Management- Tufin Orchestration Suite...

Binita Kharbanda | TrustRadius Reviewer
Binita Kharbanda
Shift Supervisor
MattsenKumar LLC (Information Technology & Services, 501-1000 employees)
Score 10 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
We were having Firewall solutions from different vendors and whenever we needed to change any policy/ rules, it seemed a humongous task until we got the Tufin Orchestration Suite. With Tufin solution, we are able to push the policies according to our need on all the relevant firewalls in one go to allow/block the traffic.
Pros and Cons
  • Firewall management
  • Compliance reports
  • Unused rules and optimization
  • Policy Automation
  • Cost is too high
  • Documentation not available easily
  • Customer Support
Likelihood to Recommend
If there is any organization who is having more then 10-15 firewalls and from different vendors, Tufin Orchestration Suite can be best suited there as it can manage all the firewalls from one single pane of glass and push the policy, and get the Standard based compliance reports for the rules created on the firewalls.
Tufin Orchestration Suite Feature Ratings
Firewall Security Management (8)
95%
9.5
Policy planning and rule management
100%
10.0
Automated Policy Orchestration
100%
10.0
Device Discovery
90%
9.0
Policy Compliance Auditing
100%
10.0
Attack Path Simulation Testing
90%
9.0
Anomalous Event or Behavior Deviation
90%
9.0
Vulnerability Scans
90%
9.0
Firewall Rule Cleanup
100%
10.0
Return on Investment
  • Single Platform to manage all firewalls
  • Industry based standard compliance reports like HIPAA, ISO, GDPR
  • Firewall Rules Clean-up
  • Customization is bit limited
  • Troubleshooting is difficult with limited commands
  • CLI not user friendly
Alternatives Considered
  • Cisco Secure Firewall Management Center (formerly Firepower Management Center)
If I talk about the customizations and automations I think Cisco product lacks here as we get the full customization option with Tufin Orchestration Suite as per organization requirement. We can provide the Tufin Access to users as per their need only. If one user needs to see one particular firewall's report only, that can also be achieved with Tufin with its granular control.
Other Software Used
March 08, 2018

Think twice before buying

Verified User
Professional in Information Technology
Banking Company, 501-1000 employees
Score 4 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
We collect all firewall changelogs via Tufin. Our firewall vendors are Fortinet, Palo Alto, Juniper, and Checkpoint.
Pros and Cons
  • If you set your zones correctly Tufin will create your network topology map.
  • You can find which object or rule you want easily for all firewalls in the network.
  • Tufin provides more features for Checkpoint.
  • It doesn't run correctly with Fortinet firewalls
  • Support team does not have enough ideas for solving cases
Likelihood to Recommend
If you have checkpoint firewalls Tufin will work fine but for the Fortinet firewalls you have to stay away.
Return on Investment
  • I think if you correctly configure your SIEM, you don't need Tufin. You can correlate a lot of things for firewalls.
Other Software Used
March 01, 2018

Tufin for Enterprise and Firewall Migration Success

Alex Waitkus, CISSP-ISSAP, OSCP | TrustRadius Reviewer
Alex Waitkus, CISSP-ISSAP, OSCP
Security Architect
Securicon, LLC (Computer & Network Security, 51-200 employees)
Score 7 out of 10
Vetted Review
Verified User
Use Cases and Deployment Scope
Tufin is used to help with config audit and review of security policies/ACLs for multiple firewalls. We are working to implement the secure change feature.
Pros and Cons
  • Security Policy/ACL overview showing hit count and shadow policies
  • Configuration change tracking by user
  • Detailed reports on the firewall configuration
  • Palo Alto Networks Integration
  • Better/more user friendly api for integration with ticketing systems
  • Web UI structure is not user-friendly
Likelihood to Recommend
Tufin is great for reviewing firewall policy and changes, it makes tracking access down and auditing policy a breeze. We are replacing firewalls and Tufin has been a great help to review/audit/create new policies. We are finding that Tufin is lacking for use with Palo Alto. You can either work through Panorama and lose a lot of reporting or the firewall and lose the security policy. Tufin has stated they are working on this but it is the biggest issue we are facing.
Return on Investment
  • Tufin has helped increase firewall migration time letting us build new policies instead of migrating garbage in
  • Tufin helps to identify who changed what when so if a change impacts access Tufin can help find what change was made from a single location
  • Tufin has a great reporting feature - except for Palo Alto right now - that helps to review and audit policy, flagging overly permissive and shadow or partially shadow policies.
Alternatives Considered
Tufin and AlgoSec both provide a lot of the same features. I would say the choice of the two depend on your overall objective and use case. Both tools have features to accomplish different things. For firewall policy review, they are about the same in my opinion. We are currently evaluating RedSeal and don't have enough data to compare. RedSeal may lack some of the change features but appears to give the same level of reporting functionality.
Other Software Used
Return to navigation