Tufin Review

Firewall rule maintenance in our hybrid environment saves us time that we don't have

What is our primary use case?

We use the SecureTrack component for several things including the maintenance of firewall rules. Examples of this are identifying rules that are no longer in use and identifying shadowed rules that can be consolidated. We also use this solution to look for violation policies, as well as unused rules.

We use this solution in AWS and in our on-prem firewall.

How has it helped my organization?

The number one benefit this solution provides is time savings. Both I and another engineer save hours upon hours of work spent creating reports, which Tufin now does for us. This is reclaimed time now well spent on other things.

Tufin has done a very good job in improving upon the USP policy for violations.

Our engineers save quite a bit of time that was previously spent on manual processes.

What is most valuable?

The most valuable feature is the ability to gather all of the firewall information without having to do it manually. It makes it much easier and saves time.

We use Tufin to clean up our firewall policies. By doing so, we don’t have a bloated firewall policy that can, in the end, cost more in terms of processor overhead.

What needs improvement?

The GUI needs more visibility in terms of licensing because it is hard to tell which products and licensed and which are not.

The USP can be improved, as far as I can tell.

I would like to see better integration and compatibility with the Azure cloud. We are not using Azure today, but I've asked questions about it and there are limitations.

What do I think about the stability of the solution?

This solution is solid, as far as I can tell.

What do I think about the scalability of the solution?

We haven't pushed this product to the point where we have to scale out.

How are customer service and technical support?

I haven't had the opportunity to use technical support.

If you previously used a different solution, which one did you use and why did you switch?

The driving force behind implementing this solution was to obtain reports that help us get to the heart of the matter, ultimately saving time.

How was the initial setup?

I have worked with Tufin before, so I found it to be straightforward, out of the box.

What about the implementation team?

We used a reseller and an integrator, and we are working with an integrator right now. They are G2 Deployment Advisors LLC.

Which other solutions did I evaluate?

I am not aware of any other solutions that were evaluated before choosing this one.

What other advice do I have?

The visibility provided by this solution is invaluable. It's easy to gather this information to share within our group and also outside of our group, with for examples security compliance individuals.

We do not have mandated compliance in our environment. However, we impose it upon ourselves and this solution helps us to gauge where we are.

In terms of the cloud-native security, there are some limitations because you can only pull from it what they’re willing to give you. Overall, it’s the same as whatever we do on-premise.

My advice to anybody who is implementing this solution is to ask a lot of questions. Use this solution to the hilt during the POC, making use of anything and everything. Every place is different, so use it for what you need to and beyond, so that you get an assessment as to what it can do for you.

This solution saves us a lot of time that we don't have, but there is always room for improvement.

I would rate this solution a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner.
See how Tufin can simplify your network security management

Find out how automation and orchestration of security policy management can help you increase agility and efficiency, while reducing risks and ensuring compliance and audit readiness. Request a Tufin demo today.

Add a Comment
Sign Up with Email