Tufin Review

Helps us meet our compliance mandates by providing visibility into firewall rules


What is our primary use case?

The primary use case is locking down the firewalls to Zero Trust and automating the risk assessments.

How has it helped my organization?

We use Tufin to clean up our firewall policies. It very easily shows us what is not used, so we can take it out. It shows us head counts as well, so if something is used once or twice a year, that might not be something we want to keep. Thus, we can have the conversation. We also like how it has a business owner of the firewall policy, so we'll be filling that in. So, those people will be involved ongoing with the approvals.

This solution has helped us meet our compliance mandates by providing visibility into firewall rules.

Today, we can check to see how our lockdowns have gone and what unusuals are still there. We have a long way to go, but we've done a lot already.

We were hit by the NotPetya attack. Therefore, our whole company and all its sites were down for several months. So, you don't have an attack like that and not need something like Tufin. Other companies can prevent these attacks, or at least slow them down, by having this type of a tool. We will never go back.

In the future, we will be using this solution to automatically check if a change request will violate any security policy rules.

What is most valuable?

  1. Being able to see all the firewall rules in one place. 
  2. Being able to query them. 
  3. SecureChange will automate and put the rules into Remedy.

The visibility is incredible. It has never been there before.

What needs improvement?

The UI was a little clunky at the first. It was confusing. They are working on that. The new one is better.

What do I think about the stability of the solution?

We haven't really overburdened it yet. What we have has been very stable. There have been no issues that I have seen.

What do I think about the scalability of the solution?

It seems very scalable.

We have 40 consultants and too many people.

How are customer service and technical support?

The regular technical people seem okay when you put in a help call, and they do get back to you. We actually had a key issue, which was a bug, that the development team didn't want to fix. We escalated it, then it got fixed. So, the management level seems very responsive at least, but at a support level, they are just regular support people and not outstanding.

If you previously used a different solution, which one did you use and why did you switch?

I asked our firewall team if they had the tools that they needed to do their job, and they said, "No."

We did not have a previous solution.

How was the initial setup?

The initial setup was pretty straightforward. The problem was getting people to pay attention to it.

It is a lot of work to implement.

What about the implementation team?

We used Tufin for the deployment.

What was our ROI?

We have not seen ROI yet. What we are going to see is fewer cyberattacks. When you have a multimillion dollar cyberattack, you don't care about three million dollars in a one time cost.

Engineers are spending less time on manual processes by weeks. Huge amounts of time have been saved.

What's my experience with pricing, setup cost, and licensing?

Our licensing costs are three million total and then we pay for maintenance, which is an additional cost for three years.

Which other solutions did I evaluate?

We did a comparison of three products and Tufin was recommended at the time. We got quotes from Tufin and another product, and Tufin came in under.

I just talked to two people who switched to Tufin from another product. It seems to be the leader of the pack.

What other advice do I have?

Tufin seems like a high quality product from a company that cares. It focuses on exactly what we need.

We would like to get to having Tufin make changes on firewall rules, but we are going to need help convincing our management of that we should be using Tufin to do that. It looks very promising, but we can't use it for that yet.

We haven't implemented the change workflow process yet.

While we didn't buy it for the solution’s cloud-native security features. I'm interested in that, but it is not in my mandate right now.

The product has been fabulous.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
See how Tufin can simplify your network security management

Find out how automation and orchestration of security policy management can help you increase agility and efficiency, while reducing risks and ensuring compliance and audit readiness. Request a Tufin demo today.

Add a Comment
Guest
Sign Up with Email