TrustRadius: an HG Insights company

Tufin Orchestration Suite

Score8.8 out of 10

15 Reviews and Ratings

Get a Demo

What is Tufin Orchestration Suite?

Israeli company Tufin offers a firewall security management offering via the Tufin Orchestration Suite, including SecureApp for managing network connectivity, SecureChange network change automation, and SecureTrack multi-vendor and next-generation firewall management.

Categories & Use Cases

Key Features

Learn about the best (and worst!) features Tufin Orchestration Suite has to offer, as determined by TrustRadius' reviewers.
Based on 15 ratings of Tufin Orchestration Suite's features
View all features

Top Performing Features

  • Policy planning and rule management

    Monitor the effectiveness of network security infrastructure

    Category average: 8.2

  • Firewall Rule Cleanup

    Ability to detect and cleanup rules that are either partially or completely unused, expired or shadowed

    Category average: 8.8

  • Anomalous Event or Behavior Deviation

    Ability to pinpoint unusual events or trends

    Category average: 7.7

Areas for Improvement

  • Automated Policy Orchestration

    Automatically brings together all security controls in one place, automates changes and collapses risks

    Category average: 7.5

  • Device Discovery

    Ability to automatically find all devices connected to the network

    Category average: 7.9

  • Attack Path Simulation Testing

    Simulation of potential attack paths to expose network exposure

    Category average: 7.4

Reviews

What users are saying about Tufin Orchestration Suite.
View all reviews

The best Firewall Management- Tufin Orchestration Suite...

Incentivized
Binita KharbandaView profile
Shift Supervisor in Information Technology at MattsenKumar LLC (501-1000 employees employees)

Pros

  • Firewall management
  • Compliance reports
  • Unused rules and optimization
  • Policy Automation

Cons

  • Cost is too high
  • Documentation not available easily
  • Customer Support

Return on Investment

  • Single Platform to manage all firewalls
  • Industry based standard compliance reports like HIPAA, ISO, GDPR
  • Firewall Rules Clean-up
  • Customization is bit limited
  • Troubleshooting is difficult with limited commands
  • CLI not user friendly

Alternatives Considered

Cisco Secure Firewall Management Center (formerly Firepower Management Center)

Other Software Used

Check Point 12000 Appliances, Palo Alto Networks URL Filtering PAN-DB, Cisco ASA 5500-X with FirePOWER Services

Firewall Policy Management made somewhat easy!

Incentivized
Verified User
Team Lead in Information Technology (5001-10,000 employees employees)

Pros

  • Firewall Policy Management
  • Workflows and its integration with Firewall change process
  • Capturing LAST_HITS data for FW rules

Cons

  • Tufin SecureChange needs to be more agnostic, easy to integrate with Service NOW
  • JSON payload identification for Tufin SecureChange while integrating it with SNOW
  • customization should be made more easy, like custom dashboarding
  • Tufin Orchestration Suite Professional services experience could be also improved overall - Taking more ownership
  • API calls to 3rd party tools should be more flexible

Return on Investment

  • 35,000 USD/Grand extra client had to pay for add-on licensing (HA)
  • Good FW policy management feature overall ( LAST_HITS)
  • Tufin Orchestration Suite again asking for OS upgrade to TOS Aurora

Alternatives Considered

FireMon, AlgoSec and Palo Alto Networks Cortex XSOAR (formerly Demisto)

Other Software Used

Cisco ASA, Checkpoint Halo, Splunk Application Performance Monitoring (APM), FireMon

Tufin for Enterprise and Firewall Migration Success

Incentivized
Alex Waitkus, CISSP-ISSAP, OSCPView profile
Security Architect in Information Technology at Securicon, LLC (51-200 employees employees)

Pros

  • Security Policy/ACL overview showing hit count and shadow policies
  • Configuration change tracking by user
  • Detailed reports on the firewall configuration

Cons

  • Palo Alto Networks Integration
  • Better/more user friendly api for integration with ticketing systems
  • Web UI structure is not user-friendly

Return on Investment

  • Tufin has helped increase firewall migration time letting us build new policies instead of migrating garbage in
  • Tufin helps to identify who changed what when so if a change impacts access Tufin can help find what change was made from a single location
  • Tufin has a great reporting feature - except for Palo Alto right now - that helps to review and audit policy, flagging overly permissive and shadow or partially shadow policies.

Alternatives Considered

RedSeal and AlgoSec

Other Software Used

Cisco ASA, Check Point Security Management, Palo Alto Networks GlobalProtect Mobile Security Manager

Think twice before buying

Incentivized
Verified User
Professional in Information Technology (501-1000 employees employees)

Pros

  • If you set your zones correctly Tufin will create your network topology map.
  • You can find which object or rule you want easily for all firewalls in the network.
  • Tufin provides more features for Checkpoint.

Cons

  • It doesn't run correctly with Fortinet firewalls
  • Support team does not have enough ideas for solving cases

Return on Investment

  • I think if you correctly configure your SIEM, you don't need Tufin. You can correlate a lot of things for firewalls.

Other Software Used

FireEye, McAfee Network Security Platform, Imperva SecureSphere, Ixia Bypass Switches, Arbor DDoS