Tufin Review

A nice GUI and powerful API

What is our primary use case?

We are using the SecureChange and SecureTrack components of this solution for rule re-certification and change automation. We are still in the implementation phase, but we expect to have this solution in our production environment by October 1st.

How has it helped my organization?

With respect to visibility, my impression is that it will do what we need it to do, but it will take some work.

We have tested the system to see if it will automatically check to see if a change request will violate any security policy rules, and it will do what we need. We intend to use this feature in production.

We expect that this solution will help us to meet our compliance mandates.

What is most valuable?

The most valuable features are the GUI interface and the API. 

We’ve found the change workflow process to be flexible and customizable. If it could not be customized then it would be very hard for us to make it work for our company.

What needs improvement?

The integration with different products needs to be improved.

For the most part, this solution will ensure that security policy is followed across the entire network. There are certain policies that are not baked into the product yet, like our proxy solution.

The options for certain things are pretty rigid, so they need to be more customizable.

For how long have I used the solution?

Still implementing / pre-production.

What do I think about the stability of the solution?

So far, the stability of the solution has been good.

What do I think about the scalability of the solution?

We have some work to do with scaling the product, so I don't yet know about the scalability.

How are customer service and technical support?

Technical support for this solution has been great. They've been very responsive.

If you previously used a different solution, which one did you use and why did you switch?

We will be using Tufin to clean up our firewall rules, but we currently use AlgoSec.

Our previous solution was an end-of-life product, so we had to evaluate the options that were out there.

How was the initial setup?

The initial setup of this solution is straightforward, although we haven't done full-on production yet, so I don't know what we're going to run into.

What about the implementation team?

Nexum assisted us with the deployment of this solution. They are good, and we use them for everything we can.

What was our ROI?

At this stage, we have not yet seen ROI.

Which other solutions did I evaluate?

We evaluated other solutions, but Tufin had a better workflow.

What other advice do I have?

I am unfamiliar with the cloud-native security controls that are provided. They may be worth further investigating.

Reducing the time it takes us to make changes is the goal of our implementation. We expect that our engineers will spend less time on manual processes.

We expect that this solution will do what we need it to do, but there are some quirks with the integrations for the software.

My advice to anybody who is researching this solution is to pick what's right for you and do your homework.

I would rate this solution an eight out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
See how Tufin can simplify your network security management

Find out how automation and orchestration of security policy management can help you increase agility and efficiency, while reducing risks and ensuring compliance and audit readiness. Request a Tufin demo today.

Add a Comment
Sign Up with Email