Israeli company Tufin offers firewall security management through the Tufin Orchestration Suite, which includes SecureApp for managing network connectivity, SecureChange for network change automation, and SecureTrack for multi-vendor and next-generation firewall management.
We use Tufin Orchestration Suite products for various clients and for a US EST biggie insurance company. We implemented/proposed it to the client to solve the problem of firewall audits / firewall rule reviews, recertifying FW rules, and identifying UNUSED rules with no hits. It helps our clients in managing FW rulesets and keeping the security posture of the ruleset intact. We also integrated it with ServiceNow / ITSM solution.
Well-suited scenarios: 1) Firewall policy / ruleset management 2) Where all the products are from Tufin, like TOS ST, SC, SecureApp, etc. 3) Where the customer focuses on ruleset compliance - USP violations and other features. Less suited: 1) Agnostic/distributed environments - tough to integrate with 3rd parties like CyberArk 2) FW recertification processes / exception processes when a complex process is included.
FireMon, AlgoSec and Palo Alto Networks Cortex XSOAR (formerly Demisto)
1) Fairly okay overall but definitely needs improvement overall vs. the other products available in the market like Palo Alto XSOAR 2) Cost-wise okay at the beginning, but when the client demands add-ons / more features / customization tailored to their needs, Tufin Orchestration Suite recommends RFE / custom costs / development costs 3) USP feature is cool to use overall vs. FireMon 4) Tufin ProServ needs to buckle up / Support compared to other competitors in the market
We had firewall solutions from different vendors, and whenever we needed to change any policy/rules, it seemed a humongous task until we got the Tufin Orchestration Suite. With the Tufin solution, we are able to push the policies according to our need on all the relevant firewalls in one go to allow/block the traffic.
If there is any organization that has more than 10-15 firewalls from different vendors, Tufin Orchestration Suite can be best suited there, as it can manage all the firewalls from one single pane of glass, push the policy, and get the standard-based compliance reports for the rules created on the firewalls.
Cisco Secure Firewall Management Center (formerly Firepower Management Center)
If I talk about the customizations and automations, I think the Cisco product is lacking here, as we get the full customization option with Tufin Orchestration Suite as per organization requirements. We can provide Tufin access to users as per their need only. If one user needs to see one particular firewall's report only, that can also be achieved with Tufin with its granular control.
Tufin is used to help with config audit and review of security policies/ACLs for multiple firewalls. We are working to implement the SecureChange feature.
Tufin is great for reviewing firewall policy and changes; it makes tracking access down and auditing policy a breeze. We are replacing firewalls, and Tufin has been a great help to review/audit/create new policies. We are finding that Tufin is lacking for use with Palo Alto. You can either work through Panorama and lose a lot of reporting, or the firewall and lose the security policy. Tufin has stated they are working on this, but it is the biggest issue we are facing.
Tufin has helped increase firewall migration time, letting us build new policies instead of migrating garbage in.
Tufin helps to identify who changed what and when, so if a change impacts access, Tufin can help find what change was made from a single location.
Tufin has a great reporting feature - except for Palo Alto right now - that helps to review and audit policy, flagging overly permissive and shadow or partially shadow policies.
Tufin and AlgoSec both provide a lot of the same features. I would say the choice between the two depends on your overall objective and use case. Both tools have features to accomplish different things. For firewall policy review, they are about the same in my opinion. We are currently evaluating RedSeal and don't have enough data to compare. RedSeal may lack some of the change features but appears to give the same level of reporting functionality.