What is our primary use case?
We are a solution provider and this is one of the products that we implement for our clients. We also use it ourselves.
We have this solution installed in our data center, where we have a box specifically for Tufin. It scans our network, looks at the firewalls and the routers, assesses compliance and sends me a report.
What is most valuable?
The most valuable feature is the compliance check and the recommendations that it makes. This solution will connect with the firewalls and routers to check out the vulnerabilities, risks, and anything that can lead the organization to be compromised. From there it will make recommendations about what is required in order to ensure compliance. My team discusses the recommendations and then we remedy the issues.
What needs improvement?
My worry with Tufin is that it cannot connect to Fortinet, which is what I want to do. In order for this solution to be useful, it needs to be able to manage every type of firewall that I come across in my organization. I do not want to be tied to one vendor. Integration with all types of firewalls and related tools is necessary.
When Tufin deploys solutions on-premises then they should provide full support, but this was not the case in my organization.
The implementation, including integration with other solutions, is complex and should be simplified.
I want to see the physical topology of the network in order to help with troubleshooting.
I would like Tufin to alert me whenever there is a change in the firewall.
For how long have I used the solution?
I have used Tufin Orca for the past two years.
How are customer service and technical support?
We do not have full support for Tufin and it was expensive to have support visit us during our deployment.
How was the initial setup?
The initial setup was very complex because we needed help to integrate it with the network. Unfortunately, we needed to have an engineer come to assist us, which is why it was challenging. Getting an engineer to visit our country is quite expensive because you have to pay extra for accommodation, transport, and everything. It is not cost-effective.
What other advice do I have?
This is a solution that I would recommend, but only in cases where the organization has the skills. I would rate this solution in the middle because it meets my requirements, it is a very good tool, and it immediately gives you what you want. At the same time, when it comes to the support, setting it up, and upgrading it, it is challenging if you don't have skilled resources.
I would rate this solution a five out of ten.
Which deployment model are you using for this solution?