It can compare policy revisions side by side to see when you've made a change, and what the change is. It also lists the detail of the objects and policies. In other words, it has the ability to list all the policies as well as having side by side revisions.
I think we knew we needed to invest in the solutions because of a replacement we had to do last year. We had no other way of gathering the information. It wasn’t replacing anything.
I would like to be able to see the changes made on the software blades that Check Point has, such as URL filtering, IPS.
I’d like to see it work with F5. It's supposed to work and it doesn't. The problems we have with the F5 is what brings the rating down, because that was a big part of the reason we purchased it. If they fix the F5 issue, I’d probably rate it an 8 or a 9.
We have been using it for one year. When we first implemented Tufin, we were replacing firewalls that had been in place for so long, there was absolutely no way of migrating the policy over so we had to recreate it from scratch. We were able to use the information provided from Tufin to do that.
We’ve used the recording tools a little bit, but just for Check Points, not the F5s. They're helpful in a way. Sometimes it seems like they're giving you partial information, like it wants to give you some information that you've made a change to, but it's really hard to track down where that change actually was made. It’s more like configuration-level changes are difficult to read on the report.
We've had issues with using Tufin for the F5 load balancers. We can't get our information out of our F5s.
Using technical support was kind of cumbersome. They couldn't figure out what the problem was with the F5s. After they thought they found the problem, we set up another set of F5s. The problem that they thought was causing it, was no longer in place with the other set of F5s, but they didn't work either.
I was involved in the initial setup a year ago. It was straightforward. It was pretty easy to set up.
We weren’t comparing it to anybody else.
Keep in mind that you're only going to get the network security layer of the Check Point showing up on the recording. You're not going to get all of the software blades that come along with it. One of the things my manager was disappointed to find was that we weren't able to gather that information.
Cool reviews & helpful