Tufin Benefits

Arturo Morante
Network Architect at a transportation company with 10,001+ employees
With path analysis, you can specify a source, a destination, and a port and it will tell you whether it's blocked or not, and where; which firewall is doing the blocking or the allowing, or whatever. That part is very useful. When you have feedback from the user and you have your source, destination, and port, instead of trying to search on the Check Point console or the Panorama console or the Juniper console to figure out where that packet being dropped, you go to Tufin, put it in and, in 30 seconds, you have your answer. It saves time on each ticket. Instead of playing around for 15 or 20 minutes, it's down to 30 seconds. Any first-line of support can go to Tufin, put in the source, destination, and port and they can at least know what to look for, who to involve to further troubleshoot the issue. It's a first-step investigation that saves time. It also helps us ensure that our security policies are followed across our entire hybrid network. View full review »
NetworkS2260
Network/Security Engineer at a leisure / travel company with 51-200 employees
In terms of the change impact analysis capabilities of this solution, we get a lot of CNR queues and it has saved a lot of time when making changes. And the analysis tells us that we have made a particular change and it sends out a lot of alerts. We can analyze them and do some auditing stuff as well with Tufin. We have a lot of teams that do stuff in Tufin, management teams, auditing staff, and a team for implementation. So the time it saves us across that whole scenario is hard to pin down, but it has saved us a lot of hours in implementing the CNR queues, approximately 20 to 30 hours a week. That a big time savings. The solution will automatically check if a change request will violate any security policy rules. We have an auditing staff using this feature within Tufin. If we have an open rule, it will send us an alert and we can see why this alert has been sent and take action on it. Tufin helps us ensure that security policy is followed across our entire hybrid network. We can set up rules and policies for this and we can do a lot of auditing as a result. View full review »
Syahrul Fitri
Specialist in Network Security Operations Support at a financial services firm with 10,001+ employees
In our environment we have two data centers which have the same IP address for service in both. This means that in data center A, server X's IP address is the same as server X's IP address in data center B, but it's sitting in a different firewall. So we are exploring SecureChange to automate the pushing of rules in both gateways at the same time. That way we will be able to track to which firewall, in which data center, we have pushed rules. It helps us to meet our compliance mandates because we are able to define whatever compliance we are subject to. We are a financial institution so we have to comply with PCI DSS, we have to comply with certain financial rules and regulations. We are able to do that with Tufin. It also helps ensure that security policies are followed across our entire hybrid network. So far there have been no complaints from the auditor who is checking our firewall rules. The only exception is that, because we have so many requests in a day, some of them are not used yet by the requester. What our auditor sees is only the unused part. But we are 80 to 90 percent compliant. Finally, I expect it will help our engineers to spend less time on manual processes, that it will cut half of the time spent looking at all the rules and validation. Currently, 70 percent of my engineers' load is looking at rule validation and requests that are not being made correctly. View full review »
Tch32Dr8392
Technical Director at a tech services company with 201-500 employees
The key, convincing element that made our customer go with Tufin is that they have the ability to centrally monitor and view all changes that have been made in the network, and they are able to revert any problems that they encounter, if somebody has made a problematic change. View full review »
Mohd Majmi Mohamad
Regional OSH at Pos Malaysia Berhad
There was no issue with slowness, especially when it came to pulling the data in real-time. Tufin was able to automatically check if a change request would violate any security policy rules. During our PoC I tested it by trying to do unauthorized changes and Tufin met our requirements. We are looking to become ISO 27001 certified for information security management. We need a solution like this for the audit side. They need to be able to check our firewall policies. View full review »
Managerfac3
Manager at a manufacturing company with 10,001+ employees
We use Tufin to automatically check if a change request will violate any security policy rules. One of the things we want to do is to have a blacklist/whitelist policy. A blacklist of things that can never be allowed and a whitelist of things which are always allowed. I want this tool to block or report ports that should not be used, putting somebody in a change. In addition to that, I want it to be able to block people from mapping IP addresses in North Korea, Iran, or whatever is on the blacklist. Our corporate policy mandates that we can only make changes to our firewalls daily. Once we get ServiceNow integrated with our whitelist policy, Tufin should be able to initiate the change and get us to reduce time. It should help us meet our compliance mandates going forward. It is replacing AlgoSec. View full review »
Samuel Taxis
Information Security Engineer at a tech company with 1,001-5,000 employees
My team uses it heavily to audit the changes made by junior engineers, going back and figuring out what they messed up, and correcting their mistakes. We generate reports for customer compliance and audits, as well as for regulatory audits. We use it to generate reports that we are in compliance, but don't necessarily use it to mitigate any compliancy requirements then only to report on them. View full review »
John Fulater
Security Engineering at a financial services firm with 10,001+ employees
The solution's visibility is excellent for Check Point. There's a new feature that validates standards. It allows the checks and balances against it, so it doesn't even go forward. It just says, "You're not right. Do it again." We just got done with major audits. Tufin was able to provide information to give back to people, and say, "Hey, this is what I need to do, and what we're doing." It's working on helping us meet our compliance mandates. We're a bank, so we're always chasing it, but it is helping us a lot. Rule recertifications are our biggest thing. However, what happens in the world of firewalls is people will put in rules to get what they need but don't ever clean them up when they stop using them. View full review »
NetworkS6585
Network Security at a transportation company with 10,001+ employees
The visibility is very good. We have managers who are overseeing it, and they are approving things through it. The whole process is flexible and customizable. We are building the matrix, then we're putting in exceptions. We have to add manual exceptions into it, and they have to come to us first before they can get it approved, which is good. We use this solution to automatically check if a change request will violate any security policy rules. Similar to what we are doing with Azure, where they request a change, and if it violates policies, it gets kicked back. Then, we have to review it and figure out what they're doing. We can then move forward with it, if it's approved. View full review »
Shawn Babinyecz
Cyber Security Engineer at a healthcare company with 10,001+ employees
It has very good visibility with all our devices. We can see how they interact with each other, and if we're doing the right things or not. We find it to be flexible. If we have a change that needs to be done, it will go ahead and do it for all our devices, regardless of the manufacturer that we have associated with it. We are still in the beginning phases of it, but we're hoping that it can change how all of our policies are determined and implemented. View full review »
Securitye949
Security Engineer at Allegiant Air
Tufin is our audit trail for all changes. We have to be PCI compliant, and it is the tool that we go to for enforcing PCI on the network side. The change workflow process has customizable and functional for us. It has helped us meet our compliance mandates. View full review »
Consulta38b6
Consultant at Sirius Computer Solutions
The visibility is pretty good because it's a cross-vendor platform, so it provides visibility across different vendors. We use this solution to automatically check if a change request will violate any security policy rules. We have a huge policy base, and we have certain compliancy requirements which we have to meet for the rules that we have. If we are planning to have a change in the policy base which could possibly violate the compliancy requirements, then we'd get the help of the tool to alert us in a way, which would make us aware of that. It makes us aware when there will be any compliance violations possibly, and we can pro-actively prevent those violations from happening. View full review »
Security4691
Security Engineer at a manufacturing company with 10,001+ employees
It has allowed us to be more efficient in our processing of firewall requests. We use this solution to automatically check if a change request will violate any security policy rules. Every change request has to go through a security approval step, but we also leverage the Unified Security Policy to automate some of that decision-making. View full review »
SrAdvisof832
Senior Adviser Cyber Security at a comms service provider with 10,001+ employees
Some clients wanted to have more latitude with root deployment. Instead of deploying through us every time, they want to deploy a new root, making quick roots or small roots, like adding an object to a root. They now have the possibility to go direct. It has helped our clients to meet their compliance mandates. They will ask us for evidence that we can provide them. View full review »
Salvador Teran
Network Security at a tech services company with 5,001-10,000 employees
The change impact analysis has been very good. We continue to improve. The change workflow process is flexible and customizable. Right now, we are using SecureChange, which is improving the rules that get applied to Check Point. We use the solution to automatically check if a change request will violate any security policy rules by generating a Sunday email report in these type of situations. Using the Tufin reports, for internal and external audits, is a way we can demonstrate how we made compliance. After any of the observation that we get from the audits, we just run the reports one more time to see if our changes are being successfully applied and everything is working according to the requirements. Tufin has been very helpful to get a lot of groups changed and getting all the information inputted on a tool, then later to applied on the device. View full review »
SrInfoseb35c
Senior Information Security Architect at First Citizens Bank
One of the main things is to look at what policies haven't been hit, so we can remove those remnant policies when people come in, use it, and it's still left on the Check Point. So when a couple of users say, "This is not needed anymore." We'll remove it. View full review »
SrNetwor9adb
Senior Network Engineer at a financial services firm with 1,001-5,000 employees
Change management tracking is important: Who does what when. We know if something happens by checking the reports and comparing. We know exactly what mistakes were made and corrections. In a financial organization, there are so many approval processes. At the designing levels, you can add any number of layers (for approval/decline), add qualifications, and traffic flow analysis. Because it is a predefined customized, we can define whatever we want it to be and add the exceptions. View full review »
Profferefb28
Professional Services Engineer at a tech services company
I tested it for the change orchestration. That is what my evaluation recently was specifically for. While the product was a little slow, it did look full-featured. View full review »
SeniorCofe32
Senior Consulting Manager at a tech services company with 10,001+ employees
Tufin has improved my organization with its configuration management. It has tremendously improved operation's success and has made life easier. It has also increased the amount of gateways there, which has really helped us. Information is readily visible. Tufin has ensured that the security policy is followed across our entire hybrid network in the way that it has given us what is in place now. We're trying to impose the security policies of the organization. There is still time to get in there. View full review »
Security1d40
Security Analyst at a government with 1,001-5,000 employees
The change work flow process is flexible and customizable. We found it pretty easy, particularly when we were implementing new rules and with our cleanup. We found that the rule change was fairly easy to implement. It has allowed us to monitor rule changes. This way we know exactly what would happen behind the scenes in the event of an after-hours change. View full review »
NetworkS3480
Network Security at a insurance company with 1,001-5,000 employees
The product is good at auditing the changes that we make in our environment. We use this solution to automatically check if a change request will violate any security policy rules. For example, if the engineer is making a change that hasn't been authorized, we will know about it. The product streamlines our change management process. It assists us in reporting on some of the compliance for our auditing department. It helps us in managing the process and having some auditing capabilities. View full review »
ITManage3885
IT Manager at a financial services firm with 10,001+ employees
The change workflow process is flexible and customizable. It has helped us to meet our compliance mandates. We have some requirements that we need to provide more visibility on the risk levels of our firewall base, and Tufin helped us with that requirement. View full review »
Marko Martin
Technical Team Lead at Paragon
We have a better view of our compliance status. Most of our network is on-premise, so we don't have a cloud. We don't have a hybrid network, but it provides visibility for what we do have right now. View full review »
NetwEng3023
Network Engineer at a tech services company with 11-50 employees
Before, we had to manage each file individually. Now, they can all be managed as a single entity. View full review »
ITSecuri46f3
IT Security Professional at a pharma/biotech company with 10,001+ employees
Our company has a grid, and there are different blocks of public domains and internal domains. It checks all that on our security grid. That has been customized by our administrator. Tufin allows our say junior guys to learn how to view policies. It gives them a tool that will help them consolidate and optimize. View full review »
ChiefInf4325
Chief Information Security Officer at a tech services company with 501-1,000 employees
It provides me great insight into my firewalls across my organization. We are able to stay compliant with many of the regulations. View full review »
Valentino Kusmic
Owner at a tech services company with 1-10 employees
We now spend less time auditing rules with reports: * The designer helps us in creating rules * It tells us what rule is missing and where to put it. * The predefined reports are then sent to administrators. * It provides an exact image of how to improve security. View full review »
NetwEng3023
Network Engineer at a tech services company with 11-50 employees
Now we can confidently remove firewall rules that are not needed and make the configuration of firewalls more strict. View full review »
Davison Marques
Regional Manager at a tech services company with 11-50 employees
The solution helps us meet our compliance needs. View full review »
Carlo Gardener
Security Engineer with 1,001-5,000 employees
Tufin allows us to perform self-audits and use rule-based accountability. View full review »

Sign Up with Email