We can review rules and do searches, as it has its own database which pulls all the information in regularly
What is most valuable?The reporting is very good and provides in-depth knowledge for Check Point. We can write the rules as we see them. We can review rules and do searches. It has its own database which pulls all the information in regularly. This is very nice, and it is a good product for us. I like the change impact… more»
How has it helped my organization?The solution's visibility is excellent for Check Point. There's a new feature that validates standards. It allows the checks and balances against it, so it doesn't even go forward. It just says, "You're not right. Do it again." We just got done with major audits. Tufin was able to provide… more»
What needs improvement?We were just talking to them about usage for the F5 platform. They will not be going after specific environments, but a more OpenAPI. They will have other companies write it, etc. It's a little different than I had expected.
What other advice do I have?Buy Tufin because it works! I love the product. It's been a great product to work with. The people are great, and the support is awesome. I have had no downside out of it. We're just getting started on the change workflow. So, we're learning it, and it's working well. It helps with our review… more»
Apr 04 2019
What is most valuable?SecureChange is the most interesting part. It all comes down to having the user request firewall access and SecureChange, based on workflows, takes care of it, sending two or three emails to the… more»
How has it helped my organization?With path analysis, you can specify a source, a destination, and a port and it will tell you whether it's blocked or not, and where; which firewall is doing the blocking or the allowing, or whatever… more»
What needs improvement?The visibility that Tufin provides us with is improvable. The interface is like a 1990s kind of thing. It's a little ugly. There are many things that you cannot tweak, little things like the column… more»
What's my experience with pricing, setup cost, and licensing?It's not that expensive, except for Security Groups. For us, just the Security Groups were about half of the total price. The total was about €500,000 a year, of which €200,000 was for Security… more»
What other advice do I have?Don't bother with the web interface, calm down, don't worry, everything will be fine. They will improve it. The rest of it, I don't have any issues. They're technically prepared, the tool does its… more»
Which other solutions did I evaluate?We could only test AlgoSec for a little while. Our group is part of a larger group of products. When we were doing our PoC for AlgoSec, we were told to stop. The decision was made to move to Tufin… more»
Jul 28 2019
What is most valuable?The rule provisioning is the most valuable feature. We had a ticketing system, like Remedy, which had a homegrown product. It would take your source destination port and do a bit of analysis, then… more»
How has it helped my organization?It is definitely a time saver. We can process more rules on a daily basis. It allows the customers to request their own rules. Sometimes, they need a little help, but they can submit it. As long as it… more»
What needs improvement?We like what we have seen out of SecureTrack 2.0 with its improved search capabilities, where you can do greater than, less than, not equal, etc. Right now, if you're in there and you want to do a… more»
Which solution did I use previously and why did I switch?The previous solution was written in-house. We had a product called Skybox and whoever wrote the app would query Skybox for compliance, etc. Then, it would generate a spreadsheet, and we had to work… more»
What other advice do I have?Give Tufin a good look. The Tufin team is always trying to stay on top of it. When Check Point came out with a R80.10, it wasn't very long before Tufin could generate rules or provision to R80.10… more»
Which other solutions did I evaluate?We did PoCs. We looked at FireMon, AlgoSec, etc. Tufin came out on top, so we started implementing it, as it was the product that we chose. With AlgoSec, you had to pay them for all of your workflows… more»
Find out what your peers are saying about Tufin, AlgoSec, FireMon and others in Firewall Security Management. Updated: January 2020.
390,245 professionals have used our research since 2012.
Jul 31 2019
What is most valuable?The reports are very valuable. In terms of cleaning up firewall policies, we use Tufin to gather information in the reports. However, we don't automate Tufin to do the work. It's still done by a… more»
How has it helped my organization?It has improved our organization through the beginning of automation. It has also helped in terms of auditing. Tufin is a convenient way for us to show and prove what changes were done, when they were… more»
What needs improvement?For me, there are two things that can make Tufin a bit better. This could be something on my end that I don't understand or maybe it can already be done and I don't know, but the two things that I am… more»
What's my experience with pricing, setup cost, and licensing?The cost is too much. For us it's around $40,000.
Which solution did I use previously and why did I switch?The switch to Tufin was done before I got to this company, but if I had to guess, I imagine somebody tried to jump out of the window or thought, "I'm going to go nuts if I have to look up one object… more»
What other advice do I have?I've already recommended Tufin to other people, absolutely. There was another company that has Check Point, I'd meet with them at Check Point expos and we'd talk. I would tell them I'm doing the rule… more»
Jul 29 2019
What is most valuable?One of the things that we really like is the ability to customize work flow. It seems like there are ways to make a workflow robust and capture multiple different types of things that you would want… more»
How has it helped my organization?The additional visibility into network path analysis is really helpful. The ability to provide assistance with role clean up will be helpful as well. Part of the work that one of our firewall… more»
What needs improvement?I would like a USP that was a little like an interface and a bit more intuitive. It seems like the 2.0 version did that better. I know when I was performing a search, like in the policy query area… more»
Which solution did I use previously and why did I switch?It was clear that no one was managing the shop floor network firewalls. Right now, there are no tools to do that. As we are hardening and locking down firewalls, the requirement to maintain and manage… more»
What other advice do I have?There is a plan for clean up as part of our regular process. There is a process drafted and an intention to do that. It seems flexible and customizable. The bigger question is whether it will… more»
Which other solutions did I evaluate?The company a good comparison of the different tools. I don't know if they were working with Booz Allen at the time, but Booz Allen seems to feel pretty strongly about the quality of Tufin and their… more»
Jul 31 2019
What is most valuable?The central repository of information provides a consistent way of doing things, eventually shortening the time period to make changes. This is the most valuable thing at… more»
How has it helped my organization?We use this product to sharpen our change cycle. A request used to take quite a while as we did manual assessments. A lot of that is now done through SecureTrack. At this… more»
What needs improvement?I would like to drive value from is to getting to a point where we are almost like a DevOps operation for security changes. We have put in a lot of requests. Some of them… more»
What's my experience with pricing, setup cost, and licensing?The licensing costs are around $250,000 to $300,000. There are ways to deploy the license to different types of firewall. However, if we decide to change the physical… more»
Which solution did I use previously and why did I switch?We were using Tufin before, as well, but it was not the same. It was separated into localized instances and regions. We sort of saw that the volume of changes were coming… more»
What other advice do I have?It gives us visibility and the ability to make changes automatically with less mistakes. Overall, it's a decent product. Tufin is definitely a good contender to come as a… more»
Which other solutions did I evaluate?We did not consider anyone else, because we already had an unused, unimplemented Tufin license. We eventually thought to start consolidating everything into one place. We… more»
May 06 2019
What is most valuable?The topology and the config backup that we see for devices are key features we get from Tufin. The change workflow process is flexible and customizable. We went through a lot of difficulties while… more»
How has it helped my organization?In terms of the change impact analysis capabilities of this solution, we get a lot of CNR queues and it has saved a lot of time when making changes. And the analysis tells us that we have made a… more»
What needs improvement?I have gone over compliance issues in Tufin, but compliance is one of the things which might not be that clear in Tufin. It just shows the configuration. That is one of the things they have to work… more»
What's my experience with pricing, setup cost, and licensing?I was involved with the pricing at the start. But then management took over that issue. In terms of affordability, this company is using it, so it seems they are fine with it. We just provide… more»
Which solution did I use previously and why did I switch?We did not have a previous solution. We were moving towards automation and we wanted something that would save time in doing firewall queues and creating firewall rules. We were looking for a good… more»
What other advice do I have?My advice would depend on what kind of implementation and what kind of environment you have. If you are looking for automation and auditing you should think about this solution. Talk to the technical… more»
Jul 24 2019
What is most valuable?The APIs are the most valuable feature of this solution, as they facilitate integration with ServiceNow and other solutions. I'm a little biased because that's what I work with the most, but I have… more»
How has it helped my organization?I have seen our customers benefit by taking out massive amounts of duplicate objects, and overly permissive rules. Tufin helps to clean up their firewall policies. A common scenario we see is one… more»
What needs improvement?Support for Firepower is still ramping up, but meanwhile, some things are missing. I would really like to see a new UI for SecureChange. SecureTrack 2.0 has quite an improvement in the UI and it flows… more»
Which solution did I use previously and why did I switch?Clients typically choose Tufin for a feature that it supports which other solutions don't have: a certain firewall or perhaps provisionings on a certain firewall. Tufin tends to release new versions… more»
What other advice do I have?The change workflow process is very flexible and customizable. Most of what I do is integrate SecureChange with ServiceNow. I've done a couple with HPE SM and RSA Archer. It’s great that they not only… more»
Which other solutions did I evaluate?There are certainly clients that consider FireMon and AlgoSec.
Jul 31 2019
What is most valuable?In our current environment, the most valuable feature from Tufin is their Network Map because our network team can't give us a network map. Tufin has given me more than what the network team have ever… more»
How has it helped my organization?The plan is to integrate it into things, like ServiceNow, then use the automation. That was one of the strengths in the decision to stay with Tufin and invest more resources into it. My hope is to use… more»
What needs improvement?The biggest area where I see a need for improvement is some of the documentation and training stuff. It does a really good job of hitting the big concepts, but it needs like another layer deeper of… more»
Which solution did I use previously and why did I switch?I've used Tufin, Firemon, AlgoSec, and all the other solutions at other companies before, and seen what we've been able to do with them. So, when I came to this company, it was just like, "Okay what's… more»
What other advice do I have?If someone was looking for this type of solution, I would tell them, "Here are the top four solutions that I know of and the places that I worked on each of them. Here are the benefits, gossip, and… more»
Which other solutions did I evaluate?I wasn't part of the bake-off. I think the company went in the right direction, and I am glad that they didn't even look at FireMon. While our UK side has Skybox, which I have never even seen, the… more»
See 67 More Tufin Reviews
User Assessments By Topic About Tufin
Read Archived Reviews
What is Tufin?
Tufin Orchestration Suite is a comprehensive solution for network security management providing visibility, change tracking, analysis and auditing for firewall policies, network devices and cloud platforms. It also provides automatic application connectivity and firewall change management. It assures a tight security posture and regulatory compliance across all enterprise platforms.
SIX Group Services AG, Telenor Norway, Swisscom
We are able to discover firewall rules that are too broad and widen the security footprint.
Valuable features include a central pane of management for all the firewalls and the ability to do queries on the rules and understand in which files the rules are configured.
The designer gives the ability to know where to add a rule, or if the rule is already in place.
The visibility is very good. We have managers who are overseeing it, and they are approving things through it.
We find it to be flexible. If we have a change that needs to be done, it will go ahead and do it for all our devices, regardless of the manufacturer that we have associated with it.
The product streamlines our change management process.
See more »
The product is good at auditing the changes that we make in our environment.