Tufin Review

Helps us review our firewalls and firewall policies for issues, but we would like the user interface to be redesigned

What is our primary use case?

The primary use case is role recertification.

We are trying to get into it for compliance, but we are having issues with that.

This solution helps us ensure that security policy is followed across our entire hybrid network.

How has it helped my organization?

We actually review our firewalls now. Before we started using Tufin, our firewalls never got reviewed and we had no idea what was on them.

We use Tufin to clean up our firewall policies. This makes it a lot easier to find out the things that are wrong.

It removes things which shouldn't be there. It has helped with that. Things that don't get used anymore and nobody tells us that they have been retired, it helps us identify those items. Then, once we get the compliance piece going, it'll help us make sure nothing violates policies.

What is most valuable?

The most valuable feature are role and objects usage for individual objects and app usage.

What needs improvement?

If we could get the compliance part working, that would help out a lot.

Currently, we have to get different data from different sections of the site. It would be nice if it was all combined into one.

A big improvement would be on the USP policy. If we could use Palo Alto to take those zone names and auto import them into the policy, then just do the policy based on the zone names instead of having to put in every single subnet.

The user interface needs to be redesigned because things are not where you would expect them to be.

What do I think about the stability of the solution?

Stability is sometimes good, and sometimes not so good. 

There is an issue with all of our Palo Alto devices, where if one gets disconnected in Panorama, they all show as disconnected or with errors or wrong arguments, which is very generic. They are supposed to have a fix for it now, but we haven't implemented it yet, because they are not releasing it until eleventh of this month.

What do I think about the scalability of the solution?

We haven't had any issues with scalability yet. We can scale as much as we need to.

How are customer service and technical support?

The technical support is good. The guy with whom we have been working the most with lately has been pretty on top of everything. We had a couple people in the past who were a little iffy, but we haven't had to talk with them in a long time. I don't know if they're still there.

What's my experience with pricing, setup cost, and licensing?

Our licensing costs are pretty low. We were grandfathered in, so we are at about $35,000 per year.

What other advice do I have?

Test every feature. Make sure the third party vendors that they implement into it function properly with it. We have had issues with our Palo Alto connections.

We just started a PoC on the change workflow process of the solution.

We are just now moving stuff to the cloud.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
See how Tufin can simplify your network security management

Find out how automation and orchestration of security policy management can help you increase agility and efficiency, while reducing risks and ensuring compliance and audit readiness. Request a Tufin demo today.

Add a Comment
Sign Up with Email