We performed a comparison between Skybox Security Suite and Tufin Orchestration Suite based on real PeerSpot user reviews.
Find out in this report how the two Firewall Security Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The ability to appropriately prioritize vulnerabilities inside the environment, and then to have visibility into the traffic and rule sets of an organization, are two of the top capabilities that I recommend. Skybox is the only one that does both of those in a single platform."
"instead of asking for firewall rules which may or may not be relevant, or could already be there, or could be over-permissioned, Skybox can be used to map out the resources that that application is going to use and provide the exact rules that an application would require to function correctly. If the traffic isn't able to flow for the application, if it's erring out, Skybox can be used to troubleshoot that and say, "All right, where is the traffic being stopped and why, and how do I fix that.""
"Overall, the tool has helped us reduce risks. If any step is missing, it's easier for my team or engineers to identify it. The tool provides accurate recommendations based on the data. Its integration is easy, and I have integrated it with Fortinet firewalls."
"Correlates logs and threats and prioritizes; provides network maps;p provides change result context and resulting vulnerability."
"This type of tool does a great job of reaching into those other devices producing risk recommendations, compliance recommendations, and a single plane of glass to do your queries, so you can find where these rules might exist."
"It has a good policy management feature and can provide customers with good quality outputs."
"The solution offers very nice dashboards and they've recently added a very good Java-based web interface."
"The performance could be good because we chose it at the time, but it is too complex for us to appreciate its performance because we lack the necessary skills."
"The most valuable feature of Tufin is security auditing. We are able to check the rules and compliance of the company, for example, what is allowed or not. We are able to check the rules over different gateways and set over firewalls."
"The best feature for me is being able to look up objects within all of our policies, because we have a little over 12,000 rules and over 30,000 objects. When one person says, 'Hey, where's my server?' I can just go to Tufin and say, 'Hey, where is that server?' and very quickly it tells you where it is, what policy it's on. That is a life saver."
"We use it to clean up our firewall policies, which gives us better security policy and less junk on the firewalls."
"The reporting on offer is very good. Tufin makes nice reports."
"Our customer has the ability to centrally monitor and view all changes that have been made in the network, and they are able to revert any problems that they encounter, if somebody has made a problematic change."
"Visibility is its largest and most valuable feature. You can see everything or all the devices on the network for each customer. It provides you a larger view of what might be wrong with the network and how you can improve it with firewall rules, etc. If you are talking about secure change, being able to automate the entire change process is pretty much the winner for us. It is going to really reduce the time that it takes for us to do changes, and we can just go out and get more customers."
"The most valuable features are the Security Risks and Best Practices reporting/Rule base cleanup."
"I like the fact that Tufin was able to integrate with our firewalls, which include Palo Alto and FortiGate."
"Skybox Security Suite can improve the change management module. It is the one part of the tool that is used with the firewall devices and you have a change management module that is used to record changes of all firewalls in the company. It's not compatible with all brands, this is where they can improve the solution."
"Modifications and the deletion of existing policies are currently unavailable."
"During implementation, we realised approximately 30 devices were not supported by the Skybox platform."
"The tool does not offer options for customization."
"Change Manager can be improved. If they can improve Change Manager so that whatever we want to do on a firewall, we are able to do it through Change Manager, it will be helpful for us. Whenever we are doing a change, it only does them at an L3 and L4 level, but all the firewalls are at the application layer. So, whatever needs to be done on the firewall, we aren't able to get it done through Change Manager. Currently, this functionality is not there because of which we are sometimes losing customers. I can create a role on Layer 3, Layer 4, but when it comes to the application layer, such as configuring and defining URLs or other things at the application level, it can't be done through Change Manager. Customers demand that they should be able to do everything through Change Manager. They don't want to do it through some other mechanism to accomplish their complete change management policy. They don't want to use a firewall manager because sometimes, they don't have any manager. They ask if they can use our solution so that a manager is not required. If Change Manager can do all the management automatically without involving any other manager, it will be great. They can also provide better integration with other managers so that everything can be done through a central point."
"The initial setup with Skybox Security is hard. You need one or two strong security engineers on your team."
"The setup documentation needs a lot of improvement."
"It's expensive."
"I would like to see visibility into the FW features like IPS/Content Filter policies, the same way it does for FW rules/policies."
"I would like to see API access into every aspect of Tufin."
"I haven't seen the cloud integration yet, and I would like to see if we could audit the cloud firewalls, like the cloud-native, Azure, and Amazon. That would be nice. You want one tool to do everything. I don't want to use another tool, or manually go and audit the cloud firewalls."
"The change workflow process is getting better. I wish it was a little more customizable. Right now, my biggest issue is that it wants to optimize everything we put in. Sometimes, we need a rule to be more readable, and we want it to go in a specific way. Sometimes, it's difficult to get Tufin to accept that. It wants to optimize and reduce the number of ACLs. On the compliance side, sometimes you just want more ACLs, so it's more readable for an auditor."
"Currently, we are able to monitor access rules and the operating system of a firewall. It would be great if we can also monitor the configuration of the firewall through Tufin."
"They are sort of at the pilot stage on some of their products. I saw the Orca and Iris products yesterday. My initial impression of these products were that they were good products, but I felt like some of their features overlapped with SecureTrack and SecureChange, which they are already doing. So, I just wondered what direction they're going in? I understand that they are cloud products, but are these security products going to overlap each other's features at some point? This is my initial concern."
"I would like to see the hardware specifications improved."
"There are at least two things that need improvement. One is the business workflow and the second is the integration with logging solutions."
Skybox Security Suite is ranked 6th in Firewall Security Management with 34 reviews while Tufin Orchestration Suite is ranked 2nd in Firewall Security Management with 180 reviews. Skybox Security Suite is rated 7.8, while Tufin Orchestration Suite is rated 8.0. The top reviewer of Skybox Security Suite writes "Efficient in vulnerability management, stable and easy to use ". On the other hand, the top reviewer of Tufin Orchestration Suite writes "A flexible, very secure solution that works well in Layer 2 environments". Skybox Security Suite is most compared with AlgoSec, FireMon Security Manager, Palo Alto Networks Panorama, RedSeal and Qualys VMDR, whereas Tufin Orchestration Suite is most compared with AlgoSec, FireMon Security Manager, Palo Alto Networks Panorama, ManageEngine Firewall Analyzer and Cisco Defense Orchestrator. See our Skybox Security Suite vs. Tufin Orchestration Suite report.
See our list of best Firewall Security Management vendors.
We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.