What is our primary use case?
We use Tufin for two purposes:
- To track all changes on our network equipment, our Cisco gear, F5s, and Check Point.
- We use SecureChange. So, we submit any firewall change through SecureChange, then we use that for the approval process. We are trying to have it end-to-end, where it provisions the device, but we're not there yet.
How has it helped my organization?
Tufin is our audit trail for all changes. We have to be PCI compliant, and it is the tool that we go to for enforcing PCI on the network side.
The change workflow process has customizable and functional for us.
It has helped us meet our compliance mandates.
What is most valuable?
The revision reports are phenomenal. They really help us out to see what changed, when, and who, most importantly. Some of the other reporting that we audit and clean up have been really valuable for us.
The visibility is great. We have found the policy browser to be very useful. It is a fairly new feature.
What needs improvement?
I would like to see more expansion into the cloud and documentation needs improvement. When I try to do something new in the product, the documentation is no help. Something's written there, but it's not enough to help you do what you want to do. We would like more examples and use cases.
The cloud is fairly new to Tufin. We have AWS. Their first steps into providing audits on the cloud have been really helpful, but we ourselves don't know how we're going to manage the cloud. One of the features that we didn't like is the controlling of the security groups. We can read them but there's no way to change them or to really control them through Tufin. That would be a nice addition.
We are currently working on a bunch of automation to include Tufin. We need security group management (security group modification for Cisco devices). That is what we need from Tufin going forward. We can't go live with the total automation because there are pieces missing, e.g., you cannot update the service group.
What do I think about the stability of the solution?
It has been very stable. Though, the policy browser has had trouble working. We have experienced bugs.
What do I think about the scalability of the solution?
We have a lot of devices on it now.
How are customer service and technical support?
The technical support is hit or miss. More miss than hit. It takes them awhile to understand what the issue is. They don't know where to go in the product right away. A lot of stuff gets escalated to R&D, and even that is a very slow process. When it goes to R&D, it's really slow. We've had the same issue for months. They say it'll be fixed in the next release, then we'll get the next release, and it's even worse.
What about the implementation team?
We deployed it ourselves.
What other advice do I have?
We are really interested in the Tufin Orca product.
- For visibility in the network, I would rate the product as a nine out of ten.
- For usability, I would rate the product as a seven out of ten.
- For liability, I would rate the product as a nine out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.