Tufin Review

The value for me is the ease of implementation. We also like the UI and scalability.

Valuable Features

The biggest value for me is the ease of implementation. I'm newer to the company, only been there a year, but the fact that I could could win and recommend this product within six hours of getting the license installed shows that there's immediate ROI to my CSO.

Improvements to My Organization

I've been trying to clean up the firewall policies that I inherited from different iterations across topology changes -- from Cisco to Juniper to where we are now -- that have never been cleaned up. We're not publicly traded, so there's not a mandate to do so. When I worked in the energy sector, though, there were such mandates, but we weren't properly staffed.

Our current firewall policies never had a full, comprehensive risk rating of every rule, but we have that now. I've implemented different zones for setup so that we're able to get reporting immediately for our PCI environment. We know whether or not we're in compliance. If not, we can fix it immediately without waiting for an outside auditor. We can be proactive.

Room for Improvement

I'd like to see more work done on the topology side. Although the tool has gotten progressively better, topology still needs work. If it could be improved, that would really make the tool much more powerful. You can then have non-firewall people using it for troubleshooting.

Use of Solution

I've used it now with various companies for over 10 years.

Deployment Issues

We've had no issues with deployment.

Stability Issues

It's never failed or completely gone down. It's one of those set-it-and-forget-it tools.

Scalability Issues

I'm very impressed with the scalability. Previously, we used appliances sitting on our network. This time, we went with a VM and our technical rep said we could put up to 80 licenses on it. That's way more scalability that I anticipated.

Customer Service and Technical Support

Customer Service:

Customer service is very good. I haven't worked with than much other than for the license, but they're very responsive.

Technical Support:

Technical support is excellent. They're good at answering questions, very helpful, and responsive.

Previous Solutions

I've also used FireMon. We liked the Tufin UI better.

Initial Setup

The initial setup was very straightforward. Our VM team installed the image for me and then I installed the license. From start to finish, it took about 24 hours, and most of that was paperwork.

Implementation Team



I was able to create initial tuning reports within an hour of populating the system with my firewalls. Within one week, I was able to create my PCI zones and configure automated reports for compliance

Other Solutions Considered

We looked at FireMon, which is an excellent product, but for me it came down to getting everything stood up and running within a minimum amount of time. I needed it to look really good because I was putting my name on it. Plus, my manager loves the web UI over the FireMon UI, which for him was the key.

Other Advice

You're going to be really shocked with the first couple of reports that show stuff about which you had no idea. Let it go and get buy-in from as many other groups as you can. If security and network are separate, get network involved to access devices that will provide a clear picture of everything, especially of topology. Build those bridges ahead of time and present it more as a collaborative tool and not a "I'm watching you" tool.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
See it in Action

Schedule Your Tufin Demo Now

Add a Comment
Sign Up with Email