Tufin Initial Setup

Arturo Morante
Network Architect at a transportation company with 10,001+ employees
The setup was straightforward, absolutely. The only problem we had was with Check Point, but I think it's a Check Point problem, not a Tufin problem. Check Point is horribly configured. Managing it is hell. You have to define the OPSEC server with a user name and password, and you have to create the same thing on the provider one. They have to be same user but have different passwords. It's a little difficult. You have to pay close attention so you don't make a mistake. But I think that's a Check Point issue, not a Tufin issue. The whole Tufin deployment took us about four months, with SecureChange, etc. Up to the point with Check Point, it was easy. We created a read-only user for our infrastructure, and once we had connectivity from the Tufin box to all the devices, it was pretty simple. It was just IP address of the device, username, password, and go. Except Check Point. We needed to spend a day or two on that. In terms of our implementation strategy, we wanted to test each of our technology manufacturers: F5, Check Point, Palo Alto, etc. We left our main public-facing networks out of the equation for the PoC. Whenever we implement the whole thing, we will include those. We made SecureTrack work well. We will define our security matrix correctly with all our networks, as granular as we would like it to be. Once we have that, we will go to SecureChange. So it's SecureTrack, do a good security matrix and, once we're confident with that, we'll go to SecureChange. For deployment, it was just myself and the people who deployed the VM, with the help of Tufin's team. I'm the only one who was involved in maintaining it. View full review »
Robert Letson
Director at Visa Inc.
The guy doing the initial setup made it look very easy, but it took us a little while to get up to speed on it. View full review »
NetworkEng4365
Senior Network Engineer at a financial services firm with 10,001+ employees
The initial setup was complex because we had to integrate with ServiceNow. That's what made it complex. Tufin would say, "Hey, we can do this," and ServiceNow would say, "Yeah, we can't do that." Or ServiceNow would say, "We do it this way," and Tufin would reply, "Yeah, that's not going to happen." If it was just a stand-up and write some custom workflows, that would have been a lot easier. View full review »
Find out what your peers are saying about Tufin, AlgoSec, FireMon and others in Firewall Security Management. Updated: September 2019.
371,639 professionals have used our research since 2012.
Reviewer45759
Change Manager at a pharma/biotech company with 10,001+ employees
The initial setup seemed like it required a lot of effort. I wasn't super close to the project during the initial setup. Now that I've gone through the training it seems a little less overwhelming. For the initial setup, I was only involved slightly on the SecureChange side. The API integration process with BMC Remedy seems difficult. I don't know if that is a result of the way the SecureChange application is designed, or if it's a result of a challenging resource environment for focusing on the implementation and the integration of it with Remedy. But, it seems like a challenging effort. View full review »
NetworkS2695
Network Security Operations at a insurance company with 10,001+ employees
Our initial setup was complex from two dimensions, because we were deploying it globally and had to have a centralized view, but a distributed approach. We had it in Asia and North America (US and Canada), causing a slightly complicated approach. Prior to Tufin, we had three instances which were separately managed, so we did not have end-to-end visibility. Therefore, we rearchitected the Tufin environment and created one global Tufin instance. The retail instances became local collectors, which reported back to the single environment. From the start of the project to the end of the project, the deployment took us a while, at least five to six months. Most of the time involved was not because of Tufin. It was primarily for us to handle all of our separate service providers and outsourcers globally, so they could all provide us with read-only access to the firewalls that they manage. View full review »
NetworkS2260
Network/Security Engineer at a leisure / travel company with 51-200 employees
I don't think we had any issues installing it. That was not a problem. It is not that difficult but it is not easy either. The setup was normal and I wouldn't complain about it. Our deployment took about ten to 15 days to get things onboarded. There were many other guys who were also involved in it and I don't remember entirely, but I think that's how long it took to onboard things. The number of people involved in the deployment depends on the infrastructure and what kind of services you are looking for. If you're looking at server management, that would require one or two guys. If you're looking at onboarding of devices, you would need another one or two guys. For the auditing stuff, again, another one or two guys could do it. So for each of these areas, one or a maximum of two guys could handle it. Once you are done with onboarding, managing it takes two guys. Regarding our implementation strategy, our primary motive was to get firewall automation in place. With that in mind, we worked to bring in all the devices and all the firewalls. Then we started talking about getting the different packages over to it and working to get the firewall automation done. There were a lot of things we had to do - it took months - when we had to bring in new patches or requests. View full review »
Ben Stern
Service Engineer at G2 Deployment Advisors
The initial setup is pretty straightforward, as all you need to install it are IPs and credentials for your firewalls. However, once you go beyond that, the effort you put in is what you get out. In terms of creating zones and Unified Security Policy, those are things that you work on for years. View full review »
Michael Utech
Network Security Engineer at Customer Worldpay
The initial setup is not even complete yet. We bought some stuff, then had it shipped. There are some additional discussions which are going on next week after this, where there will be some design tweaks which will occur. At first, we were thinking of using VMs for the distributed stuff and collectors, but we can't get those level of resources from the server team. So, we will be better off just buying smaller hardware boxes and having them completely managed by us that way it will be easier. Also, we'll be able to complete it much faster in our environment. View full review »
Syahrul Fitri
Specialist in Network Security Operations Support at a financial services firm with 10,001+ employees
The initial setup was straightforward. I was able to deploy Tufin in a few minutes only. Integrating with devices - as we are using Checkpoint, API, Syslog - is simple. For now, we have only installed one server, not distributed. Soon we will go for distributed, because we need to collect all the logs from all our overseas sources. I was the only one involved in the deployment and am the only one who takes care of the maintenance and day-to-day configuration. Our firewall team will be using Tufin but they don't do the maintenance. At the moment there are about 15 users. Half of them are the firewall team and then there are a few auditors and a few people in the business unit who are monitoring the rules. View full review »
NetworkEccd3
Network Engineer Lead at a energy/utilities company with 10,001+ employees
We took baby steps, so the initial setup was pretty straightforward. We just started with SecureTrack, getting it talking to the firewalls, and initially using it to document justification for rules on our compliance firewalls. We have been doing more with it over the years. View full review »
Security8043
Security Analyst at a retailer with 10,001+ employees
Someone before me had stood up the actual server on the network. They had one device, and it was monitoring. Then, I took it over. I've expanded it out to over 400 devices. They made getting new monitoring devices in pretty easy. From the monitoring devices tab, it was pretty straightforward. You pick the vendor, then under there, this is a drop-down. I struggled a bit under the Cisco tab where they have a router, then a Nexus router. They have a lot of different vendors, and figuring out which category it falls under was confusing. The help docs don't exactly specify between the two or what commands it will be running. This is usually more for our older devices. View full review »
NetworkE78f6
Network Engineer at a healthcare company with 10,001+ employees
Very straightforward. There was nothing complex about the initial setup. It's easy to get it up and going in a matter of a few hours. View full review »
John_Ford
Managing Director at Midpoint Technology
The initial setup of this solution is straightforward. Obviously, with its flexibility, you really have to know what you're doing. In order to be able to leverage the product, it requires some expertise. View full review »
Nathan Hulsey
Firewall Architect at a financial services firm with 10,001+ employees
I wasn't involved in the initial setup, but from what I've heard from others from whom I took it over, it was very straightforward. View full review »
Tch32Dr8392
Technical Director at a tech services company with 201-500 employees
The initial setup is reasonably straightforward and the support team is quite good. They're very helpful and they're very knowledgeable. The deployment, overall, took about three months, in terms of studying the customer's environment and doing some consultation and a deep-dive with the Tufin consultancy team. View full review »
ManagerOc5c3
Manager of Security Engineering at Global Payments inc
The initial implementation was done at an acquired company, so it was already installed. However, we are doing upgrades now. View full review »
Tom Loeber
Services Engineer at AccessIT Group
At first, the initial setup is complex. Once you know it, the initial setup is straightforward. First, you have to install the operating system. Then, you have to install the application, where there are certain version requirements. You can't just go right to the latest OS version. You have to go back to the older one, then upgrade those as well. It is a little cumbersome. View full review »
Shaun Slatton
Automation Engineer at Cox Communications
The initial setup of this solution is very complex. Putting all of the devices into the topology, and then getting it to a place where it can provide meaningful and accurate results, and then building the USP on top of that, are all very complex. Out of the box, I don't think that Tufin really provides very much until you get through a lot of those complexities. View full review »
Arnold Adu-Darko
Infrastructure Engineer Specialist at a healthcare company with 10,001+ employees
The initial setup of this solution was straightforward. View full review »
Mahendra Neopane
User at Daimler AG
The initial setup was straightforward. View full review »
Jeffrey Belanger
Security Consultant at a insurance company with 10,001+ employees
The initial setup was completed before I was there, but I have heard that they had a lot of issues with setting up high availability. Other than that, it was pretty straightforward. View full review »
NetworkEae6b
Network Engineer at a healthcare company with 10,001+ employees
I wasn't there for the initial setup, but from what I've seen, it was pretty straightforward for the engineers who set it up. View full review »
Associate8c2
Associate Director Program Management at a pharma/biotech company with 10,001+ employees
The initial setup was pretty straightforward. The problem was getting people to pay attention to it. It is a lot of work to implement. View full review »
Mohd Majmi Mohamad
Regional OSH at Pos Malaysia Berhad
The setup was not too complex but not completely straightforward. It was so-so, at least for our environment. We had an issue with how to push the policy changes. It took about a week, during which our engineer conferred with Tufin. Tufin had to do some fine-tuning. In terms of an implementation strategy, at that time we were only doing a PoC to see the policy management functionality. Tufin can also integrate networking and security to show an overall network mapping, from site to site. We have a lot of branches. And we are now moving to SD-WAN, to see the mapping. We need to see if Tufin can integrate with that. View full review »
Managerfac3
Manager at a manufacturing company with 10,001+ employees
The initial setup was very straightforward. It was done in five days, which is pretty cool. View full review »
InfoSecC1266
InfoSec Consultant at a insurance company with 10,001+ employees
The initial setup of this solution seemed to be straightforward until we got into the details. At that point, we found it to be complex. Once you start thinking about the things you want to do and how you want to do them, because it's so customizable, it can become complex quickly. However, not in a bad way. View full review »
Securitya49e
Security Engineer at a government with 10,001+ employees
I would say that the initial setup was of medium difficulty. I and one other engineer completed it, and it wasn't too difficult. The deployment, in total, took more than a year. This included bringing in every single firewall policy and making sure that it was updating and tracking. View full review »
Samuel Taxis
Information Security Engineer at a tech company with 1,001-5,000 employees
The setup was pretty straightforward. The documentation was pretty clear in terms of what you had to do. It was just the case of executing it. View full review »
John Fulater
Security Engineering at a financial services firm with 10,001+ employees
We were the first North American company to do this product, a long time ago. So, I don't know how the initial setup went. It's been a while. However, every time we go back and do stuff, it has been a pretty straightforward installation. View full review »
Ed Aguila
Senior Network Engineer at a pharma/biotech company with 10,001+ employees
I have worked with Tufin before, so I found it to be straightforward, out of the box. View full review »
NetworkS6585
Network Security at a transportation company with 10,001+ employees
The initial setup was pretty straightforward. It communicating with the firewalls and management server were the big pieces. View full review »
Shawn Babinyecz
Cyber Security Engineer at a healthcare company with 10,001+ employees
The initial setup was straightforward. It was very easy to setup and integrate. We had no issues. View full review »
Infrastra69d
Infrastructure Analyst at a manufacturing company with 10,001+ employees
The initial setup of this solution is straightforward, although we haven't done full-on production yet, so I don't know what we're going to run into. View full review »
David Higgins
Senior IT Analyst at Exelon Corporation
I was not part of the initial setup of this solution. View full review »
Security4691
Security Engineer at a manufacturing company with 10,001+ employees
It was pretty straightforward. It was not too challenging to get it going. This issue is just maintaining it. View full review »
ITManage3885
IT Manager at a financial services firm with 10,001+ employees
The initial setup of this solution is straightforward. Installing SecureTrack was not difficult, after browsing through the knowledge base. With the documentation that is available, it is easy to deploy. View full review »
SrAdvisof832
Senior Adviser Cyber Security at a comms service provider with 10,001+ employees
The last time that we initialed setup, it was straightforward. If you want to install a new root automatically using the tool, the change impact analysis capabilities are useful. View full review »
Salvador Teran
Network Security at a tech services company with 5,001-10,000 employees
The initial setup was very simple. We could obtain deep knowledge information from Tufin's knowledge base (KB). View full review »
SrInfoseb35c
Senior Information Security Architect at First Citizens Bank
There were some hiccups in the initial setup. In using the new features, there was a learning curve. However, for the most part, it was fairly straightforward. View full review »
Christian Myers
Consultant at Critical Design Analytics
The initial setup is straightforward. View full review »
Security7b20
Security Engineer at a insurance company with 201-500 employees
The initial setup was straightforward. We did it in three days. View full review »
Viktor Vera
Head of IT Security at Banco Privado
The initial setup was super easy. It was fast to implement the firewall. The Check Point was very fast. View full review »
HugoSanchez
Security Analyst at Equifax Inc.
The initial setup was good and we had no trouble with it. View full review »
SrNetwor9adb
Senior Network Engineer at a financial services firm with 1,001-5,000 employees
The initial setup was very straightforward because the documentation was straightforward. View full review »
Profferefb28
Professional Services Engineer at a tech services company
The initial setup was straightforward. View full review »
Security1d40
Security Analyst at a government with 1,001-5,000 employees
The initial setup was straightforward, but then it became complex due to our rule set. View full review »
NetworkS3480
Network Security at a insurance company with 1,001-5,000 employees
There were some hiccups here and there with the initial setup, but we used Tufin's support to assist us with that. View full review »
reviewer1188195
User
The initial setup was fairly complex because of the agreement with the network provider. View full review »
reviewer1185804
User
The initial setup of this solution was not complex. It was simple. View full review »
Firewallcf07
Firewall Administrator Security Engineer at a comms service provider with 1,001-5,000 employees
The initial setup was straightforward, but time consuming. View full review »
Securitye57f
Security Architect at a manufacturing company with 10,001+ employees
The SecureChange implementation was straightforward. The SecureApp implementation was very complicated. The topology was so complicated that we threw it away after months of having Tufin people come out to try and make it work. View full review »
ITManage3885
IT Manager at a financial services firm with 10,001+ employees
The initial setup was very straightforward. View full review »
reviewer1185783
User
The initial setup was complex. View full review »
Marko Martin
Technical Team Lead at Paragon
The initial setup was very straightforward. View full review »
ITSecuri46f3
IT Security Professional at a pharma/biotech company with 10,001+ employees
I was not involved in the initial setup. View full review »
ChiefInf4325
Chief Information Security Officer at a tech services company with 501-1,000 employees
There was some complexity during the initial setup, but otherwise, it was fairly straightforward. View full review »
Davison Marques
Regional Manager at a tech services company with 11-50 employees
The initial setup was complex. We have a big environment which contributed to the setup's complexity. View full review »
Find out what your peers are saying about Tufin, AlgoSec, FireMon and others in Firewall Security Management. Updated: September 2019.
371,639 professionals have used our research since 2012.
Sign Up with Email