Firewall Policy Management made somewhat easy!
August 31, 2021

Firewall Policy Management made somewhat easy!

Anonymous | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User

Overall Satisfaction with Tufin Orchestration Suite

We use Tufin Orchestration Suite products for various clients and for US EST biggie Insurance company. We implement/proposed it to the client to solve the problem of Firewall Audit / Firewall rule reviews, recertifying FW rules, identifying UNUSED rules with no hits. It helps our clients in managing FW rulesets / and keeping security posture of the ruleset intact. We also integrated it with Service NOW / ITSM solution
  • Firewall Policy Management
  • Workflows and its integration with Firewall change process
  • Capturing LAST_HITS data for FW rules
  • Tufin SecureChange needs to be more agnostic, easy to integrate with Service NOW
  • JSON payload identification for Tufin SecureChange while integrating it with SNOW
  • customization should be made more easy, like custom dashboarding
  • Tufin Orchestration Suite Professional services experience could be also improved overall - Taking more ownership
  • API calls to 3rd party tools should be more flexible
  • 35,000 USD/Grand extra client had to pay for add-on licensing (HA)
  • Good FW policy management feature overall ( LAST_HITS)
  • Tufin Orchestration Suite again asking for OS upgrade to TOS Aurora
  • FireMon, AlgoSec and Palo Alto Networks Cortex XSOAR (formerly Demisto)
1) Fairly okay overall but definitely needs improvement overall Vs the other products available in the market like Palo Alto XSOAR
2) Cost wise okay at the beginning but when client demands add-ons/ more features/customization tailored to their needs, Tufin Orchestration Suite recommends RFE / custom costs/development costs
3) USP feature is cool to use overall Vs FireMon
4) Tufin ProServ needs to buckle-up/Support compared to other competitors in the market

Do you think Tufin Orchestration Suite delivers good value for the price?


Are you happy with Tufin Orchestration Suite's feature set?


Did Tufin Orchestration Suite live up to sales and marketing promises?


Did implementation of Tufin Orchestration Suite go as expected?


Would you buy Tufin Orchestration Suite again?


Cisco ASA, Checkpoint Halo, Splunk Application Performance Monitoring (APM), FireMon
Well suited scenarios -
1) Firewall Policy / Ruleset management
2) Where all the products are from Tufin like TOS ST, SC, SecureApp etc
3) Where customer focuses on ruleset compliance - USP violations, and other features
Less suited -
1) Agnostic/distributed environment - Tough with integrate with 3rd party like CyberArk
2) FW recertification processes / exception process when complex process is included

Tufin Orchestration Suite Feature Ratings

Policy planning and rule management
Automated Policy Orchestration
Device Discovery
Policy Compliance Auditing
Attack Path Simulation Testing
Anomalous Event or Behavior Deviation
Not Rated
Vulnerability Scans
Not Rated
Firewall Rule Cleanup