We just raised a $30M Series A: Read our story
MS
Presales Network & Security Engineer at a tech services company with 51-200 employees
Reseller
Top 5Leaderboard
User-friendly, intuitive, easy to set up, with good monitoring and support

Pros and Cons

  • "It allows administrators to visualize the traffic flow, and troubleshoot when necessary."
  • "They need to offer more support to vendors, such as Cisco, Checkpoint, Fortinet, and Forcepoint."

What is our primary use case?

The primary use case of this solution is for monitoring, automation, policy orchestration, and security.

What is most valuable?

The most valuable feature is the monitoring. I quite enjoy the monitoring this solution provides. It allows administrators to visualize the traffic flow, and troubleshoot when necessary. It's a useful tool.

The interface is quite user-friendly and intuitive.

What needs improvement?

The cost of this solution should be improved.

They need to offer more support to vendors, such as Cisco, Checkpoint, Fortinet, and Forcepoint.

They have an API, but it needs more service on this.

While technical support is good, they could still improve.

For how long have I used the solution?

I have been working with Tufin for one year.

What do I think about the stability of the solution?

It's a stable solution. There are some bugs that they are working on but that is common with any vendor.

They do mention that they don't support specific features from Nexus for some automation but it does actually work, although it is not listed as working.

How are customer service and technical support?

Technical support is relatively good. They are not the best but they are good.

They could improve but they do respond with accurate responses.

How was the initial setup?

The initial setup was straightforward. It was deployed in less than an hour.

The first time without training, it took an hour or so, but it was quite easy.

What's my experience with pricing, setup cost, and licensing?

It's quite an expensive solution.

What other advice do I have?

I would recommend this solution to others who are interested in using it.
I have not worked with any other vendors with this type of solution, for example, FireMon. I haven't worked with it. 

I would recommend it specifically to start with a secure track, which is a monitoring tool. Once the customer sees it, they want the solution. Afterward, for automation and secure change.

I would rate Tufin an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
Demetrio Leon Guerrero
Executive Director at a financial services firm with 1,001-5,000 employees
Real User
Top 20
Works well with simple topologies; ingestion of flow data could be enhanced

Pros and Cons

  • "All the basic functions work well."
  • "Lacks ability to create a Terraform that would enable deployment without manual steps."

What is our primary use case?

Our primary use case is trying to make sure that when firewall rules are requested, they meet our compliance. Tufin has a notion of a universal security policy, where you line up the policies and we use the solution for that. We also use it to track all of the changes. I'm the executive director of the company. 

What is most valuable?

Tufin gives us the rule, definitions and things of that sort, which is great. All the basic functions work well. 

What needs improvement?

Our compliance goes through SecureChange and they give us the rule set and then the recommendation. Ideally we'd like to press a button and create a Terraform to put into the build and deploy. We can't do that yet and there are several manual steps which can lead to errors. We'd like that to change. 

I would also like to see the ingest of flow data enhanced, so that multiple flow data can be ingested from different points on the network and be mapped out. The basics work, the issue is when you have a complex network because maybe you want flow data from the firewall and with Tufin it's only from a single source.

For how long have I used the solution?

I've been using this solution for over two years. 

What other advice do I have?

Tufin is a good company. I think most of the products in this market have difficulty working across a multi-vendor solution, and that also applies with Tufin. It works really well when you have a single vendor solution but it's just not as intuitive if you have back-to-back firewalls or you have a complex topology. For simple topologies, it works really well.

There are currently some issues with this solution but if things improve with the new version, which apparently has some enhancements, I would give them a higher rating. For now, I rate this product a seven out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Learn what your peers think about Tufin. Get advice and tips from experienced pros sharing their opinions. Updated: September 2021.
542,267 professionals have used our research since 2012.
JC
IT Coordinator at a financial services firm with 10,001+ employees
Real User
Stable, good support, reasonable price, and useful for controlling and monitoring firewall rules

Pros and Cons

  • "It is an important application for controlling and monitoring firewall rules. It is useful for making and monitoring the changes."
  • "Its price is reasonable, but it could be lower. It could have a more effective approach for creating and changing rules. It could provide advice or suggestions for a better understanding of rules and changing the rules. There should be suggestions for the rules that need to be changed to make them less risky."

What is most valuable?

It is an important application for controlling and monitoring firewall rules. It is useful for making and monitoring the changes.

What needs improvement?

Its price is reasonable, but it could be lower. 

It could have a more effective approach for creating and changing rules. It could provide advice or suggestions for a better understanding of rules and changing the rules. There should be suggestions for the rules that need to be changed to make them less risky.

For how long have I used the solution?

I have been using this solution for eight months. We have recently done an upgrade, and we are using the latest version.

What do I think about the stability of the solution?

It is stable.

What do I think about the scalability of the solution?

We have not been using it for a long time. So far, it is scalable for us. We have more or less ten people.

How are customer service and technical support?

Their technical support is good.

Which solution did I use previously and why did I switch?

We have worked with AlgoSec but in a restricted topology of the network. Both of these solutions are useful. It mainly comes down to the price. Even though Tufin is more costly, it has been more cost-effective for us, but it is not the same for all companies. It also depends on the integrator.

How was the initial setup?

Its initial setup has medium complexity. It was not complex, but it was also not easy. We had some problems because it was a fresh installation.

What's my experience with pricing, setup cost, and licensing?

Its price is reasonable, but it could be lower. It has been cost-effective for us. We have a contract for three years.

What other advice do I have?

I would rate Tufin a nine out of ten. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
Akhilesh Mishra
Sr.I-Security Engineer at M.Tech
Reseller
Top 20
Good reporting and monitoring capabilities, easy integration with different firewalls, and good stability and scalability

Pros and Cons

  • "It provides very good reports. It can easily integrate with multiple firewalls, such as Cisco, Juniper, Palo Alto, and Checkpoint. We can push a policy from Tufin to a firewall, which is a very good feature. We can monitor all access rules and the operating system of a firewall."
  • "Currently, we are able to monitor access rules and the operating system of a firewall. It would be great if we can also monitor the configuration of the firewall through Tufin."

What is our primary use case?

Our customers use Tufin to manage multiple firewall access rules through a single console. We have done on-prem, public, and private deployments of this solution.

What is most valuable?

It provides very good reports. It can easily integrate with multiple firewalls, such as Cisco, Juniper, Palo Alto, and Checkpoint. 

We can push a policy from Tufin to a firewall, which is a very good feature. We can monitor all access rules and the operating system of a firewall.

What needs improvement?

Currently, we are able to monitor access rules and the operating system of a firewall. It would be great if we can also monitor the configuration of the firewall through Tufin.

For how long have I used the solution?

I have been using this solution for the last three years.

What do I think about the stability of the solution?

It is very stable. It has good stability.

What do I think about the scalability of the solution?

It has very good scalability.

How are customer service and technical support?

Their technical support is good.

How was the initial setup?

Its initial deployment is not very easy. It is a little bit complex. After the deployment, it is easy to work with it in the GUI. Its deployment takes at least two or three days.

Which other solutions did I evaluate?

Customers usually evaluate AlgoSec. 

What other advice do I have?

I would advise others to go for it to manage firewalls from multiple brands in a single console.

I would rate Tufin a nine out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
Flag as inappropriate
Joe Stehle
Network Infrastructure Engineer at Ropes & Gray
Real User
Top 20
Easy to set up and use with helpful alerting on rule changes

What is our primary use case?

We use this solution for Firewall audit, compliance, and some automation.

How has it helped my organization?

Using Tufin makes it easy to visualize when investigating or auditing configs.

What is most valuable?

The most valuable feature is alerting, which lets me know when someone has made a change. When something stops working I can see what has been done and by whom. This solution is easy to set up and use. It is very easy to see what has changed when comparing two different revisions.

What needs improvement?

I would like to see visibility into the FW features like IPS/Content Filter policies, the same way it does for FW rules/policies.

What is our primary use case?

We use this solution for Firewall audit, compliance, and some automation.

How has it helped my organization?

Using Tufin makes it easy to visualize when investigating or auditing configs.

What is most valuable?

The most valuable feature is alerting, which lets me know when someone has made a change. When something stops working I can see what has been done and by whom.

This solution is easy to set up and use.

It is very easy to see what has changed when comparing two different revisions.

What needs improvement?

I would like to see visibility into the FW features like IPS/Content Filter policies, the same way it does for FW rules/policies.

Disclosure: I am a real user, and this review is based on my own experience and opinions.