Tufin Orchestration Suite Reviews

Tufin has helped us a lot. It lets us clean up the rule base in a short period of time and remove unused rules. Tufin provides you a report on rules for this that lets you delete objects that are obsolete and no longer needed in the rule base. If you don't use a tool like Tufin, this is done manually and may take days, because for every object, before you delete it, you have to make sure that it is not being used by someone else.

From a security point of view, Tufin can provide the posture of your environment, meaning whether your rule base is secure or not. It will analyze the file rule base, tell you if the service you enabled is secure, and give you some advice how to deal with the situation.

I want Tufin to be used by my entire team, but due to a lack of training and lack of resources, we are not able to do that. I would like to see more training videos that can be distributed to my team in order to really take advantage of the product.

We have been using it for about 3 years now.

I find it very stable. We haven't had any big issues since we started using it. Issues we have had have mostly been related to new features being added that weren’t supported by the device. In those scenarios, we submit the case to Tufin and they tell us about the new release.

We are a big company and I can say that we are not using the product in its fullest capacity. We have a different type of policy because we are using different vendors and different technologies, and while we have some issues with the juniper devices, it has absolutely been scalable.

Tech support has been fine. Right now I have an ongoing case and there is a delay, but it mostly comes from me because I took time to respond and they are telling me other ways that I know.

I implemented FireMon three years ago for a customer because the customer specifically requested it. I found it very hard to put in place. I wasn’t a part of the Tufin implementation, but in terms of the product itself, Tufin is easier to use.

I would give Tufin an 8 out of ten because some vendors own multi-contexts, and there are challenges supporting these devices. We are having issues with the Juniper device, for example.

Being able to run reports to see what rules are there and which rules are not needed is very useful to me. It allows me to optimize the policies. Also, every time someone pushes policy it sends an email to say that the change was made. I have it set up to run reports every two days to let me see the state of the firewall or the state of the policies.

The ability to get a sanity check for the rule base is important. Right now, we write our own firewall rules, and with Tufin, we can cut those down to four hundred.

The upgrade was a bit cumbersome because we had to do a complete reinstall. We removed it from a version of Linux that wasn’t supported and we had to do our first fresh install.

We’ve used it for a couple months now.

We haven’t had any issues with stability so far.

We’re a small team and we manage five clusters, so it’s not too bad.

We used technical support for the upgrade and they were very helpful. We haven’t had any issues, apart from the fact that we had to do a fresh install, but we were provided support through that process. They were online with us right through using WebEx. That was great.

My experience with Tufin has been good. We haven’t had any technical issues and the features that I have seen in the software so far are excellent.

I use Tufin SecureTrack, which means I use it for looking at things and not for making changes. The value of it there is that, since I deal with Check Point policies a lot, I can use it to see what changes have been made to the policy since the last time I looked at it, because it may have been a couple of weeks since I last installed a policy or maybe somebody else has had their hand at it.

Tufin gives me a really easy way to graphically look at the policy, before and after changes are made, through two panes. As you drag around one pane, the other moves with it, and they resemble the Check Point dashboard view so it’s very familiar. You can easily spot all the differences and see what has changed in the policy to make sure there are not any mistakes and that nobody accidentally added a block edited any rule at the top of the policy—that’s probably happened to everybody, right?

I also use a feature where you can run a report on rule and object usage. This helps me spot rules or objects that aren’t really ever hit, so I can remove them from the database if they no longer exist.

Tufin is easy to use, which was really important for us. Also, it’s not a dangerous solution because we can’t make changes with it.

I'm running R77, and I'm concerned with how well it will work with R80, the new release of the operating system. R80 changes the way that the dashboard you use to manage the policy looks and operates, and we will have to see whether Tufin keeps up with that or not. Also, in the current R77, the various blades appear as different tabs in the interface and dashboard, and Tufin doesn't look at any of those tabs except the security policy. I'd like it to be able to look for changes in some of the other configurations. In R80, it's all tied together, but for now, it's in a separate panel. I don't currently have any way of using Tufin to audit what changes have been made to the web filtering configuration, for example.

It's very stable.

I don't have a huge environment, but it doesn't seem to require a lot of horsepower. We're running it as a virtual machine, and that's working fine.

We haven’t needed technical support since we moved from a physical to a virtual world.

It was straightforward. It’s been a few years, but I don’t recall any problems with setup.

I have no problems with Tufin, and it works great, but I would have to give it an eight out of ten. It’s just not as amazing as some of the other technologies I use, like Lancope StealthWatch. I wouldn’t tell anyone to stay away from it—It’s just a good idea to look at the competition and see what’s out there.

Tufin gives you the ability see what changes have been made and who made them, as well as pinpoint what has changed so if there is an issue you can easily review it. I also like that if there is a new request that's coming in, you have the ability to compare the request with what is already in the system so you don't have to go into the firewall rules to try to figure it out. You can just do a comparison between different policies.

We use reports a lot for cleaning up, which is part of our regulatory requirement. You need to review the policies for any old reports, used objects or used services. That's basically what draws the purchase of this product.

I also like the product’s ability to reduce security risks. Being able to do some of the compliance checks has been very good for us.

The ability to search could be improved, and it would be helpful to be able to display more than a hundred results on a search or share when you do the workflow with multiple people at the user level on your same team. If you have a team of three people each one should be able to see each other's request without having high-level access rights.

Also, the workflow is very rigid. It's not very easy to manipulate. The graphical interface needs to be a little more user-friendly. You need to be able to move objects around to make a nice display. Right now, if you select an object, it just sits there and everything goes sequentially. I want to be able to move objects around to make the interface more presentable in the way you would normally code something. That's a big concern, because we've gotten several complaints.

We have used Tufin for at least seven years.

We haven’t had any problems, except for some licensing issues a long time ago.

For what we do we haven't seen any performance issues so far.

Technical support has been good. We've had different engineers help us out and they've all been very helpful.

We compared Tufin to AlgoSec. At that time, we felt that what Tufin had in terms of their workflow and the option to transfer over our existing workflow was more flexible. It was a hard decision. One of the other reasons we picked Tufin up versus AlgoSec was the responsiveness of the people we were working with. They understood the company and our relationship, and we felt that it would be easier to have the ear of the company if we needed customization. They did the changes that we requested, which made life easier. We felt that if we were to go with AlgoSec, it would be a lot harder.

We closed the deal after they made a change to DNS lookup. Objects need to be created on our DNS system before they’re populated, and you didn’t have a way to validate your IP with a host name at that time.

If I had to rate it one to ten, I’d give it a nine, since there’s room for improvement, even though they’ve been doing a lot of improvements over the years. I would also say that if you buy the product make use of it. There are more features available than you always realize, so a lot of times you might try the harder way first because you are used to working that way. You might discover that your life can get a lot easier.

We use it as an auditing tool, since it’s a risk-based approach, which fits a lot of the needs of our auditors. We're able to clean up our firewall rules and use the security score in our monthly reports to executive management, showing them that we are making improvements within the security of our firewall policy. We can generate different inventory reports when rules are not in use. It allows us to print policy out for our auditors as well.

You can print off reports, either in Excel format or PDF format and deliver them to whoever needs those reports. It can also send you any report on a regular basis. For example, if you want to see your security scores, you can have that sent to you weekly.

Before we had Tufin, we had to do firewall policy cleanup and it was pretty painful. It would take us 6 weeks just to get through one review, and we had to do it quarterly. With Tufin, you can generate a report in 20 minutes and start taking action on it right away. It's a huge difference. You build up trust with the product. When you are looking at a rule and you don't know if it's been used before, you're kind of rolling the dice. When you have a tool that can look out 6 months and it hasn't been used, then you have a lot more confidence in cleaning that rule up.

Some of the challenges we have include getting the reports and the tools to look at our specific environment. There are some challenges with setup for that. You want to make sure that your PCI environment, your wireless environment, your DMZs and your internal network are all laid out in Tufin so they can be correctly scored and rated. A little more ease of use in that area would be helpful.

We've had Tufin for 8 or 9 years. I was the one that brought it in.

We don't have any issues with stability of the product.

We have a relatively small environment. We've got 30 firewalls, basically 15 clusters that Tufin monitors, and our policy rule base isn’t huge. We moved over to VMware and haven't had any issues with caring for the product.

We actually used one of Tufin’s competitor’s products, AlgoSec, but found that the Tufin product is a lot more flexible from a reporting standpoint.

It’s easy to set up. I would say to do a proof of concept and give it a try. It doesn’t take much effort to get it set up and start getting benefits.

I would give it an 8 on a scale of 1-10 because it works really well in helping you create your own reports. You can drill down into each of the different risks that are in the environment and take action on it. It actually tells you, in a descriptive manner, what the issue is and how to fix it.

The best feature is being able to query all our Check Point devices and certain other vendors like Fortinet as well. It can query and find unused rules and unused objects to clean things up for us.

I use reporting and assistance as a tool for cleanup. I would love to be able to get the newest version into our company and have it be used as a manager of not only Check Point but also the other vendors that we use. It looks like it's all there. - Fortinet, Palo Alto, some Cisco and other devices.

The fact that that we won't have to log into a Fortimaneger to manage Fortinet and then log into another to do Check Point, being able to log in straight to Tufin, build a rule and have it push it to the correct devices. That's huge and that's something that I really like about the new version.

We had some issues because of our unique configuration.

I can't say too much about scalability, simply because it was not scalable for our environment because we are using a splintered specialized version just for our company. The Tufin apliance just doesn't play well with that specialized version. But for the things that we do have that are general release, it's awesome. It takes a little bit of a fiddling around but again, we're on an older version. It works flawlessly.

Rating: because it's our unique older version, I'd give it a 6 or 7 but we only use it for reporting and cleanup. If we had the latest version, I'd easily give it an 8 or 9 because it can do so much more.

The visibility of the changes that are being made on the network. From a firewall perspective and router perspective, we have all our network devices in Tufin. We monitor all the changes that are made constantly. Prior to changes being made, they get approved by our IT security department, and then they're monitored after they're changed as well.

We haven't used it to push configuration yet, but we do have a third party network vendor that does our network changes for us. We immediately know if something was typed wrong or configured incorrectly. We'll get an email from Tufin, and we'll know that they typed something in wrong or incorrectly because that's the email that we receive from Tufin. A lot of times they'll transcribe things, and rules will get set in different directions. We'll know immediately when something happens.

Being the Director of Networking, that's what I'm primarily concerned about. It's to make sure that all the network changes that are being made are the correct changes, we're not opening things up to vulnerabilities that we shouldn't have, as well as making sure that we're locking down what we need to lock down.

I like what's there today. I don't use the product that heavily as much as our IT security department does. Right now the product is doing exactly everything that I want to see it done. I would like to see the ability to have the changes in the configurations pushed out more easily and managed through Tufin to eliminate that human error factor more.

We haven't run out of room with the product yet. It's very scalable. We fly to 115 different locations,we have 3 different data centers, and we monitor all our network devices, firewalls and routers through Tufin.

If you don't have a product like Tufin, get a product like Tufin because it's amazing. It gives you insight into all changes that are done within your network. It's awesome, and it gives you the ability to manage it even though we haven't rolled that piece out ourselves yet.

The ability to create out of the box reporting and to have real time awareness of the changes in our environment.

Our operations team will make firewall rule changes and I actually get an email telling me everything that's been done. The way that we have the two things set up it will actually link to the change control that they're doing the work under. I'm then able to review and say "okay, this is what they said they were going to do, this is what they actually did and it's done compliantly."

The reporting simplifies the ability to report towards the business about how our rules are being used so we can make sure the security is always optimally maintained.

We currently use it at the most fundamental levels. There are a lot of advanced features that we've investigated but the real core strength is for our compliance team to be able to pull the rule usage reports.

When we were an early adopter and there were things that were not there, Tufin was very anxious to understand what the need was and then figure out how to integrate it into the product

Over 5 years.

It's reaching the edge of stability since we're putting a very strong demand on it. The resources within it are starting to now be challenged. We haven't had any significant issues.

We've reached the capacity of the current system and we're looking to upgrade. We went from about 100 firewalls in Tufin to almost 300. We've tripled the demand on the same appliance, but we intentionally bought a large appliance so we could grow into it.

We've used technical support and they've always been excellent.

I deployed it. It was very easy. That was the one thing that we really appreciated about the product was the ease of deployment, the intuitive nature and that's what was one of it's strengths are. It came on an appliance, it was intuitive to deploy and it made it very beneficial.

When we selected we actually did a source selection analysis and from there we did a pilot with two of them

Regarding cloud solutions, it's going to be very interesting to do the security assessments with them.