Tufin Overview

Tufin is the #2 ranked solution in our list of top Firewall Security Management tools. It is most often compared to AlgoSec: Tufin vs AlgoSec

What is Tufin?

Tufin enables organizations to automate their security policy visibility, risk management, provisioning and compliance across their multi-vendor, hybrid environment. Customers gain visibility and control across their network, ensure continuous compliance with security standards and embed security enforcement into workflows and development pipelines. 

Tufin Buyer's Guide

Download the Tufin Buyer's Guide including reviews and more. Updated: March 2021

Tufin Customers

3M, AT&T, Blue Cross Blue Shield, BNP Parabas, ConocoPhillips, Deutsche Bank, GE, IBM, Pfizer, United States Postal Service 

Tufin Video

Filter Archived Reviews (More than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Arturo Morante
Network Architect at a transportation company with 10,001+ employees
Real User
Apr 4, 2019
SecureChange feature enables firewall rule automation, but Security Groups are pricey

What is our primary use case?

We deployed a proof of concept. We added most of our firewall base to Tufin, although not all. We checked and tested Check Point, Palo Alto, Juniper, Cisco routers, Juniper routers, and F5 load balancers. Mostly we grabbed one instance of each of our technology devices, added it to Tufin, and tried different things. We tried SecureTrack and some basic SecureChange to try to automate our firewall partitions, the firewall "tickets." We presented a form to users to enter the source, destination, service, etc. This was our PoC. Right now, we're in the process of purchasing Tufin.

Pros and Cons

  • "SecureChange is the most interesting part. It all comes down to having the user request firewall access and SecureChange, based on workflows, takes care of it, sending two or three emails to the business approvers. With one click, you can automate a firewall rule."
  • "The change workflow process is flexible and customizable. I was really impressed with it. It's pretty easy. You can add automatic validation steps. Depending on the security matrix, you can pre-allow whatever flow you want."
  • "The interface is like a 1990s kind of thing. It's a little ugly. There are many things that you cannot tweak, little things like the column width and how you display the information. You end up exporting everything to an Excel file and doing your work there."
  • "The documentation site is horrible as well. It has a tree structure, and you really get lost quite easily."

What other advice do I have?

Don't bother with the web interface, calm down, don't worry, everything will be fine. They will improve it. The rest of it, I don't have any issues. They're technically prepared, the tool does its thing. The only two things I would be patient with are the web interface and that documentation which is not really well organized. Besides that, it's pretty easy. It's pretty easy to configure and, once you start using it, you will see the potential. AlgoSec, Skybox, and all those tools probably have the potential as well. But Tufin is easy enough for everybody. What we don't use, and what we are…
Syahrul Fitri
Specialist in Network Security Operations Support at a financial services firm with 10,001+ employees
Real User
Mar 18, 2019
SecureChange automates everything from the validation to the pushing of rules

What is our primary use case?

We are using Tufin to generate reports on unused rules and for compliance reporting.

Pros and Cons

  • "The most valuable function is the SecureChange where it is able to automate everything from the validation of the rules to the pushing of the rules."
  • "There is room for improvement in the speed of Tufin. It is using so many of my VM resources and yet it is still a bit slow... Even though we are allocating 130 gigs of RAM, we still have to wait for a few minutes for a single report to be generated. Otherwise it would be a perfect tool."

What other advice do I have?

If you are looking at a large environment and a large number of policies, you really need Tufin to help you manage all the rules. We have 25 policies, and each policy has around 1,000 to 1,500 lines of rules. Managing that manually would not be easy. We haven't started using the change impact analysis capabilities of this solution yet. We are still testing it. We are not that familiar with the process yet. Because our team is doing cleanup every three months, we need to keep generating a report every day to have correct visibility: which rules are unused and which rules need to be removed to…
Learn what your peers think about Tufin. Get advice and tips from experienced pros sharing their opinions. Updated: March 2021.
476,483 professionals have used our research since 2012.
ET
Tch40Dr800
Business Director at a tech services company with 201-500 employees
Real User
Mar 11, 2019
Gives our customer the ability to centrally monitor and view all changes made in the network

What is our primary use case?

For us, it's more about managing the policies and having an overview of all the policies that are available, that we currently implement, and bringing them to a central console so that we can have an overview of what's going on. We deploy Tufin for one of our customers, it's not for ourselves.

Pros and Cons

  • "The policy overview is valuable."
  • "Our customer has the ability to centrally monitor and view all changes that have been made in the network, and they are able to revert any problems that they encounter, if somebody has made a problematic change."
  • "The key area for improvement is the integration to F5. One of the things that we encountered with another customer is that there were some limitations when we tried to migrate policies from F5 into Tufin."

What other advice do I have?

The first priority is to evaluate how expensive your firewall family is. If you have, for example, F5 then you would probably have similar problems to what we encountered with F5. But if you are deploying general firewalls, like Palo Alto and Cisco, that's fine. You have to evaluate how you are going to import existing policies and how you are going to monitor those policies when they transfer them across to be centrally managed and monitored by Tufin. In terms of users of the solution, we set up for the customer a central admin who is the main administrator that controls the entire dashboard…
CL
SrAdvisof832
Senior Adviser Cyber Security at a comms service provider with 10,001+ employees
Real User
Mar 5, 2019
It's pretty useful when you have an audit going on, but I don't like the way the reports are shown

What is our primary use case?

We use it for advanced reporting and root analysis. In some cases for clients, we use it for root deployment.

Pros and Cons

  • "It provides a great visibility around the roots: Root implementing which can be done, roots that have changed, and what has been done. So, it's pretty useful when you have an audit going on."
  • "I would rate their reports as a four out of ten. I don't like the way that they are shown. It is too hard to export and send them to our clients."

What other advice do I have?

You need a product like this, but look at difference solutions in the market. I would rate it a seven out of ten. We do not use the product across our entire network. We do not use the cloud native security features. In the future, we will use the solution to check if a change request will violate any security policy rules.
DM
Profferefb28
Professional Services Engineer at a tech services company
Reseller
Mar 5, 2019
While the product was a little slow, it did look full-featured

What is our primary use case?

Our primary use case for this solution is firewall remediation. I didn't get very far with it because I didn't used Tufin in production, only during the evaluation phase.

Pros and Cons

  • "The initial setup was straightforward."
  • "I needed more help getting the product to work in the lab."

What other advice do I have?

Check the product out for yourself. I wasn't using it for visibility into my firewall infrastructure, because I have other avenues. I wasn't using the compliance portion when I was testing it, only the orchestration. I want to look at Tufin for remediation and compliance in the future.
PB
Securitye57f
Security Architect at a manufacturing company with 10,001+ employees
Real User
Mar 5, 2019
Does not natively support all of the Check Point functions

Pros and Cons

  • "We've scaled it to hundreds of firewalls."
  • "It does not natively support all of the Check Point functions which is a big deal."

What other advice do I have?

The topology doesn't work and SecureApp doesn't seem to be a strategic product for Tufin anymore. Proceed cautiously with that in mind. I would rate their SecureChange an eight out of ten. I would give their vision an eight, but for their execution I would give a three out of ten.
MM
Marko Martin
Technical Team Lead at Paragon
Real User
Mar 5, 2019
We have a better view of our compliance status

Pros and Cons

  • "We have a better view of our compliance status."
  • "It is very easy to use. We can get results back quickly."
  • "We found some bugs on the software, but we're working with tech support to fix them."
  • "I would like an improved reporting module which can be flexible (custom reports) and allow us to generate our own reports, because the data is already there."
RP
ChiefInf4325
Chief Information Security Officer at a tech services company with 1,001-5,000 employees
Real User
Mar 5, 2019
We are able to stay compliant with many of the regulations

What is our primary use case?

We do firewall reviews on a quarterly basis.

How has it helped my organization?

It provides me great insight into my firewalls across my organization. We are able to stay compliant with many of the regulations. 

What is most valuable?

The rules, as they change over time, are the most valuable feature. Its capabilities help me grow trust back and have less in-depth experience to go faster.

What do I think about the stability of the solution?

It is very stable.

What do I think about the scalability of the solution?

It is very scalable.

How are customer service and technical support?

The technical support has been on point.

Which solution did I use previously and why did I switch?

The previous solution was all manual.

How was the

Davison Marques
Regional Manager at a tech services company with 11-50 employees
Real User
Mar 5, 2019
The product is flexible and the visibility is fantastic

How has it helped my organization?

The solution helps us meet our compliance needs.

What is most valuable?

The visibility is fantastic. The product is flexible.

What do I think about the scalability of the solution?

The scalability is the best.

Which solution did I use previously and why did I switch?

We previously used a different solution. We switched because of the value the solution could provide us in conjunction with Check Point.

How was the initial setup?

The initial setup was complex. We have a big environment which contributed to the setup's complexity.
SK
SrNetwor9adb
Senior Network Engineer at a financial services firm with 1,001-5,000 employees
Real User
Mar 5, 2019
SecureChange makes our lives easier with automation

What is our primary use case?

Tufin is the product which we do our compliance under. That's one of the requirements. We also do change control tracking: who does what and the impact. The users have reports for best practices and clean up. The primary use case going forward will be automation, changing the internal process by trying to eliminate human errors.

Pros and Cons

  • "SecureChange makes our lives easier with automation."
  • "We will be using the appliance based product, which cannot be scaled as much. It is a limitation in the hardware."

What other advice do I have?

There is room for the product to grow.
FG
ITManage3885
IT Manager at a financial services firm with 10,001+ employees
Real User
Mar 4, 2019
Helps us meet our compliance mandates and has excellent visibility

What is our primary use case?

Our primary use case if for risk compliance.

Pros and Cons

  • "It has helped us to meet our compliance mandates. We have some requirements that we need to provide more visibility on the risk levels of our firewall base and Tufin helped us with that requirement."
  • "I would like to see an improved reporting model that can be flexible for us to generate our own reports. The data's already there."

What other advice do I have?

I would rate it an eight out of ten. It's very easy to use and you can get good results very quickly. We don't use the cloud native security features yet.
CM
Managerfac3
Manager at a manufacturing company with 10,001+ employees
Real User
Mar 4, 2019
Enables us to automatically check if a change request will violate any security policy rules but they should get rid of the REST APIs

What is our primary use case?

Our primary use case is for automation and orchestration.

Pros and Cons

  • "The change workflow process is flexible and customizable. We have one guy who has never logged into Tufin ever in his life. He sits down and in 30 minutes had written an automation routine, then went back and changed it. He did that with no training. For me, that is a major benefit."
  • "I would like to see them get rid of the REST APIs and use something more modern."
  • "I would also like to see them do more cloud integration within the Tufin Orchestration Suite, not within a SaaS solution."

What other advice do I have?

I would rate it a seven out of ten. I would advise someone considering this type of solution to not listen to the sales teams among the competitors. They all throw each other under the bus and a lot of it is not true. Tufin's competitors will tell you how bad of a company that Tufin is and how you can't trust them, and how their stuff doesn't work. Then, Tufin doesn't say anything bad about their competitors. So, don't trust everything that you hear. Do your own research. Do a proof of concept. Get all of the vendors in. Give it a month to test drive. Set it up and let them prove it out. In…
Samuel Taxis
Information Security Engineer at a tech company with 1,001-5,000 employees
Real User
Mar 4, 2019
Reduces the time it takes to solve a problem, which reduces the time of an outage

What is our primary use case?

Our primary use case is for change audit.

Pros and Cons

  • "My team uses it heavily to audit the changes made by junior engineers, going back and figuring out what they messed up, and correcting their mistakes. We generate reports for customer compliance and audits, as well as for regulatory audits."
  • "The reports could be easier to read and more customizable. Also, capturing some of the different versions, and being able to dig through them could be a bit better."

What other advice do I have?

I would rate it a seven out of ten mainly because it does everything really well. In general, it still does what it's supposed to do, and we don't have any issues with it. I would advise someone considering this solution to know exactly what you need before you start the process. Be very thorough, because the devil is in the details and you need to know exactly what you want and need. Then you'll be able to tell which solution is better, and which one gives you the better return on investment.
JR
Securitye949
Security Engineer at Allegiant Air
Real User
Mar 4, 2019
The revision reports are phenomenal, as they really help us to see what was changed and when

What is our primary use case?

We use Tufin for two purposes: * To track all changes on our network equipment, our Cisco gear, F5s, and Check Point. * We use SecureChange. So, we submit any firewall change through SecureChange, then we use that for the approval process. We are trying to have it end-to-end, where it provisions the device, but we're not there yet.

Pros and Cons

  • "Tufin is our audit trail for all changes. We have to be PCI compliant, and it's the tool we go to for enforcing PCI on the network side."
  • "I would like to see more expansion into the cloud and documentation needs improvement. When I try to do something new in the product, the documentation is no help. Something's written there, but it's not enough to help you do what you want to do."
  • "The policy browser has had trouble working. We have experienced bugs."

What other advice do I have?

We are really interested in the Tufin Orca product. * For visibility in the network, I would rate the product as a nine out of ten. * For usability, I would rate the product as a seven out of ten. * For liability, I would rate the product as a nine out of ten.
SB
SeniorCofe32
Senior Consulting Manager at a tech services company with 10,001+ employees
Real User
Mar 4, 2019
Ensures the security policy is followed across our entire hybrid network, but there are a lot of improvements which can be done in terms of visibility

What is our primary use case?

Our primary use case is configuration management and change management.

Pros and Cons

  • "Tufin has improved my organization with its configuration management. It has tremendously improved the operation's success and has made life easier."
  • "I don't get the full visibility. There are a lot of improvements which can be done in terms of visibility."

What other advice do I have?

I would rate it seven out of ten. I would recommend Tufin if someone is considering it. We are still in the process of phasing it in to help us with our compliance mandates.
JS
Security4691
Security Engineer at a manufacturing company with 10,001+ employees
Real User
Mar 4, 2019
We leverage the Unified Security Policy to automate some of our decision-making. The cloud-native security features are lackluster.

What is our primary use case?

Firewall automation and orchestration.

Pros and Cons

  • "It has allowed us to be more efficient in our processing of firewall requests."
  • "The change impact analysis doesn't even get close to actually solving our problems. I am not impressed with it."

What other advice do I have?

While it has its highlights, it has deep issues that need to be addressed. This solution help us ensure that security policy is followed across our hybrid network. Our company doesn't really have federal or regulatory compliance requirements. Spend a lot of time testing and doing a PoC for it, before you make the final decision to go for it.
QL
SrInfoseb35c
Senior Information Security Architect at First Citizens Bank
Real User
Mar 4, 2019
Provides a single pane of glass to see what all our different policies are doing

What is our primary use case?

We use it to manage our policies, consolidate them, and if we see anything missing, we can use it to track that, as well. Right now, we're mainly on-premise. S,o the cloud piece is not being used right now. However, in the future, we will use it. I think it will help tremendously to get a good picture across the board.

Pros and Cons

  • "One of the main things is to look at what policies haven't been hit, so we can remove those remnant policies when people come in, use it, and it's still left on the Check Point. So when a couple of users say, "This is not needed anymore." We'll remove it."
  • "We like the change impact analysis capabilities quite a bit. The only weakness is that the reporting is a bit clunky. We would like to have the reporting be better."

What other advice do I have?

It does what it needs to do for our needs. We are in the process of doing a PoC for the new changes. Currently, it's all reactive. We do the changes, then we review it at a later time.
PD
ITSecuri46f3
IT Security Professional at a pharma/biotech company with 10,001+ employees
Real User
Mar 4, 2019
It provides good visibility because we have a lot of gateways globally, but the product could be more intuitive to use

What is our primary use case?

The primary use case is firewall management, consolidation, and optimization.

Pros and Cons

  • "Tufin allows our say junior guys to learn how to view policies. It gives them a tool that will help them consolidate and optimize."
  • "It could be a little more intuitive."

What other advice do I have?

It is a really good product. It does exactly what you want it to do. Get the training. I didn't get the training. I assume they provide training.
John Fulater
Security Engineering at a financial services firm with 10,001+ employees
Real User
Mar 4, 2019
We can review rules and do searches, as it has its own database which pulls all the information in regularly

What is our primary use case?

We use Tufin to do the review of rules, best practices, changes, and usage. So, it's an outside entity looking in to see what's happening on the rules sides. Then, we can do recertification for our rules, so they can be used again. Tufin puts it together really well, saying what's needed or not, then cleaning things up. We've been a customer for a very long time with them, and we're pretty pleased.

Pros and Cons

  • "We just got done with major audits. Tufin was able to provide information to give back to people, and say, "Hey, this is what I need to do, and what we're doing.""
  • "We were just talking to them about usage for the F5 platform. They will not be going after specific environments, but a more OpenAPI. They will have other companies write it, etc. It's a little different than I had expected."

What other advice do I have?

Buy Tufin because it works! I love the product. It's been a great product to work with. The people are great, and the support is awesome. I have had no downside out of it. We're just getting started on the change workflow. So, we're learning it, and it's working well. It helps with our review process. We do a peer review, saying "Hi, here's all the changes," then you can look at it and go, "Oops I forgot something," or, "I don't think that was in any drop," and we can go back and review that. This is where it helps us minimizes errors. Before Tufin, we would not end up not catching these…
OJ
Consulta38b6
Consultant at Sirius Computer Solutions
Consultant
Mar 4, 2019
It saves a lot of work, time, and effort required to do all of our manual work

What is our primary use case?

It's mainly for the automation of policies.

Pros and Cons

  • "The automation because it is saving a lot of work, time, and effort required to do all of our manual work. The change impact analysis is pretty good, and with the automation, it takes care of a lot of things which we would be doing manually."
  • "The change workflow process is flexible and customizable to some extent, but there is room for improvement. In some cases, we've found it difficult to get the exact thing which we were looking for. Then, we end up having to go and do the thing manually."

What other advice do I have?

I would suggest looking at not just the features and functionality which are specific to the environment which you are working in, but to be aware of the other features which the product has to offer. Because companies grow and things change, so it's always good to have at least a complete idea of what the product does and how it does it.
SM
Security1d40
Security Analyst at a government with 1,001-5,000 employees
Real User
Mar 3, 2019
We are able to design and monitor different rule sets in the three different domains that we control

What is our primary use case?

Our primary use case is firewall monitoring, rule changes, and logging.

Pros and Cons

  • "Its ability to detect changes within our firewall."
  • "I would like a better reporting feature and automatic alerting based upon rule changes."

What other advice do I have?

Really dig deep and understand your use cases, then what exactly you're looking for out of the solution. It has allowed us to maintain particular rules in regards to CJIS and HIPAA compliance. We have multiple networks connected to this solution. So, we are able to design and monitor different rule sets in the three different domains that we control.
ST
Salvador Teran
Network Security at a tech services company with 5,001-10,000 employees
Real User
Mar 3, 2019
We can have automated reports, even with security and compliance

What is our primary use case?

The primary case is to get more compliance and security with good performance. We use Tufin to use some Check Point products. The product is for the way we manage our security, performance, and boxes.

Pros and Cons

  • "We can get reports with Tufin at anytime. We can have automated reports, even with security and compliance."
  • "I would like to simplify the reports, and maybe have another view besides the charts. Possibly they could be more graphical."

What other advice do I have?

I would recommend Tufin. They are very helpful for IT organizations, as they continue improving SecureChange. With our security plan, we can see how Tufin meets the basic requirements. Then, we can go and customize if there is any risk, which might be interfering with ports or external networks.
BN
NetworkS3480
Network Security at a insurance company with 1,001-5,000 employees
Real User
Mar 3, 2019
The product streamlines our change management process

What is our primary use case?

The primary use case is for firewall auditing. We use it for audit monitoring, login changes, and firewall changes. We are looking at automation, but not yet.

Pros and Cons

  • "The product streamlines our change management process."
  • "The product is good at auditing the changes that we make in our environment."
  • "There were some hiccups here and there with the initial setup."

What other advice do I have?

Seriously Tufin for your final decision.
Shawn Babinyecz
Cyber Security Engineer at a healthcare company with 10,001+ employees
Real User
Mar 3, 2019
It has very good visibility with all our devices

What is our primary use case?

Our primary use case is firewall management and policy management.

Pros and Cons

  • "We find it to be flexible. If we have a change that needs to be done, it will go ahead and do it for all our devices, regardless of the manufacturer that we have associated with it."
  • "I would like easier integration with more automation."

What other advice do I have?

It's very solid product. There are definitely a few things that I wish I could do with it, but I'm so new to the product that maybe I'm just not looking at the right spots. Try it out. It's pretty cool. I was very impressed with the initial presentation and how it could automate everything. It's just that getting to the point where you want it to do what you need it to do is definitely time-consuming and a lot of work. However, I think it will be worth it in the end. We are working to use this solution to automatically check if a change request will violate any security policy rules. We are…
JD
NetworkS6585
Network Security at a transportation company with 10,001+ employees
Real User
Mar 3, 2019
The change impact analysis capabilities of this solution are good

What is our primary use case?

We are using SecureChange to start orchestrating a lot of our changes. Our users can then request changes instead of having to go directly to us. We are trying to automate some of those pieces.

Pros and Cons

  • "The visibility is very good. We have managers who are overseeing it, and they are approving things through it."
  • "The hardest piece is getting the matrix built."

What other advice do I have?

It is a good solution, somewhat easy to implement, and gives you a lot of information. It takes time to learn all the little nuances of it. I don't think we're using cloud native security quite yet.
Valentino Kusmic
Owner at Concepts Solutions Informatiques
User
Oct 9, 2018
The designer gives the ability to know where to add a rule or if a rule is already in place

What is our primary use case?

Firewall policy management over all firewalls from one single point. We browse policies, objects, and their usage. The report gives us an image of where risks are.

Pros and Cons

  • "The designer gives the ability to know where to add a rule, or if the rule is already in place."
  • "It would be great to add a link to Visio to create shapes directly from Tufin, as it has the configuration."
MT
NetwEng3023
Network Engineer at a tech services company with 11-50 employees
Consultant
Aug 7, 2018
Enables us to query the rules and understand in which files the rules are configured

What is our primary use case?

We use it for compliance, and the performance is good.

Pros and Cons

  • "Valuable features include a central pane of management for all the firewalls and the ability to do queries on the rules and understand in which files the rules are configured."
  • "It needs better reporting with more graphics and more pie charts, so management can understand details. The reports that are done now are full of data and management would like to have an image to help understand, right away, what the reports are saying."

What other advice do I have?

Plan ahead because the implementation of Tufin is hard if you don't have an idea of what you want to do. Without a plan, it will be hard to get it working. When I'm selecting a vendor, I read the opinion of other people who use the product. I want to learn if it is buggy and if it is doing what people need it to do. I rate Tufin at about eight out of 10 because they really need to improve the reporting.
MT
NetwEng3023
Network Engineer at a tech services company with 11-50 employees
Consultant
Jul 26, 2018
We are able to discover firewall rules that are too broad and widen the security footprint

What is our primary use case?

We were looking for a solution to provide firewall rule management that would enable us to choose which firewall rules to keep and which to eliminate.

How has it helped my organization?

Now we can confidently remove firewall rules that are not needed and make the configuration of firewalls more strict.

What is most valuable?

We are able to discover firewall rules that are too broad and widen the security footprint.

What needs improvement?

This solution would benefit from an improved reporting functionality with graphing so that reports can be presented to management.

For how long have I used the solution?

One to three years.
it_user363600
Founder at a tech services company
Consultant
Apr 2, 2017
The product suite itself brings together organizational units. They can have their own interface and ability to understand what different parts of the company are doing.

What other advice do I have?

We often find customers that have purchased this product for a specific purpose and they limit its use to only that purpose. Do yourself a favor and really explore the entire product and maximize the features and functionality of what you have purchased.
it_user376773
Global Network Security Specialist at a pharma/biotech company with 10,001+ employees
Vendor
Jan 16, 2017
Object look-up is valuable. When someone needs to know about a particular endpoint, we only need to type in the IP address.

What other advice do I have?

It already does traffic analysis and secure change. We've got the secure app so we can keep track of the business critical things. They shouldn't change that. I love the left-hand pane, and being able to navigate that and being able to see things in the split pane on the right-hand side. There are other vendors out there who will decide I need to just have everything at the top and scroll down. The best thing to do would be get all your firewalls in there and let it bake overnight. It does take some time to collect the data in the config files. Once that's done, teach your help desk staff and…
it_user489207
Security Architect at a healthcare company with 1,001-5,000 employees
Vendor
Aug 31, 2016
Improved policy management. With SecureTrack, I can track the policy and find all the policies that we're not using.

What other advice do I have?

Let Tufin help you see what can be. Make the tool work for you and be creative. You can't always use it in a certain way. There are many ways to use a tool. You just have to be creative on how you use the tool. Find holes and ways to use it. Figure out how you use the tool, and then figure out if you can create a process out of it, so you are not only using it when you are free. You want to use it as a process because it has to be repeatable. If something is not repeatable, there's no way to improve the process. If I'm going to find a policy right now and I don't repeat that process, those…
it_user489222
Security Engineer at a retailer with 1,001-5,000 employees
Vendor
Aug 31, 2016
We like the side-by-side policy revision comparisons and the ability to list all policies. I’d like to see it work with F5.

What other advice do I have?

Keep in mind that you're only going to get the network security layer of the Check Point showing up on the recording. You're not going to get all of the software blades that come along with it. One of the things my manager was disappointed to find was that we weren't able to gather that information.
it_user489249
Network Security Engineer at a pharma/biotech company with 10,001+ employees
Vendor
Aug 17, 2016
I like how it optimizes your policy, and does a compliance check and risk analysis.

What other advice do I have?

I hope that Tufin just keeps doing what they’ve been doing. We look forward for future enhancements.
it_user489240
Consulting Information Security Engineer at HCA
Vendor
Aug 17, 2016
Automated reporting is quite valuable. I also like the ability to get visibility without giving someone admin rights in the Check Point consoles.

What other advice do I have?

Learn it and dig into it, because it's got some great capabilities. For me, it's been great.
it_user489237
Network Security Operations Manager at a non-tech company with 1,001-5,000 employees
Vendor
Aug 17, 2016
We use it to record policy changes, and the speed is good.
it_user489234
Staff Specialist at a financial services firm with 10,001+ employees
Vendor
Aug 17, 2016
We're a Check Point shop and it works well.

What other advice do I have?

Try it. It's a great relationship, but it's also a great product to work with.
it_user489219
Senior Security Engineer at a hospitality company with 1,001-5,000 employees
Vendor
Aug 17, 2016
We use SecureTrack for tracking unused rules. I’d like to see the application topology developed more.

What other advice do I have?

If you're in a large environment, a large enterprise, it's a good tool. It does certainly help with the workload. For the app team who are trying to develop the applications, it makes them more accountable for how it's supposed to work.
it_user489216
WAN Border Engineer at a pharma/biotech company with 10,001+ employees
Vendor
Aug 11, 2016
You can kind of see where the flows are coming and how they're working.

Valuable Features:

The ability to compare the old policy and the new policies is real handy. The topology view is really good.  You can kind of see where the flows are coming and how they're working.

Room for Improvement:

I come more from the WAN space as opposed to the security space, so I would obviously like to see Tufin integrate with Cisco routers. There's room for more integrations with other products.

Use of Solution:

I'm just kind of getting into it, so I don't think I have the full breadth of the product personally, but it is pretty usable.

Stability Issues:

It's been stable in our environment.

Scalability Issues:

We haven't had any trouble scaling it. We have about 100 policies. There haven’t been any issues with speed, as far as I can tell.
it_user489246
Network Engineer at a financial services firm with 10,001+ employees
Vendor
Aug 11, 2016
Helps us with troubleshooting to find out what changed. Patching and speed are issues.

What other advice do I have?

It works well. It’s something you would send a colleague to use. It gives a nice process flow as far as the end user putting something in, having governance check, and being able to have multiple work screens because we have different areas of the company and different processes. They have to have different work flows. We use multiple work flows. That's handy. You can build those in, you select from the beginning and then you're off and running.
it_user489258
Senior Network Security Engineer at a government with 1,001-5,000 employees
Vendor
Aug 11, 2016
Good for retrieval and for policy remediation, as far as cleaning up policies.

What other advice do I have?

Define exactly the specifics of what you need it for. If you need it for remediation of policies, then it's definitely the product to go to.
it_user489264
Sr Network Security Engineer with 1,001-5,000 employees
Vendor
Aug 11, 2016
I permanently use it for their Automatic Policy Generator, and for object lookup.

What other advice do I have?

It’s a pretty good product. The PCI compliance piece probably accounts for the rating of 8 as opposed to ten. As far as comparing Tufin with another product, I would just look at some of Tufin’s features like the APG that is not used that often, but it's a really good feature. They do also have an extended tool section where you can kind of get a little bit more in depth.
it_user489336
Network Security Engineer at a hospitality company with 1,001-5,000 employees
Vendor
Aug 11, 2016
The most valuable feature that I've found is rule optimization. Another benefit is the complete set of all rules.

What other advice do I have?

It all depends upon the environment that you’re using. Compare it to other vendors, like FireMon and AlgoSec, and then you can rate the products and decide what to use and what not to use.
it_user489228
Security Architect at HCA
Vendor
Aug 4, 2016
It’s nice to have a central location for remediating rules that are not compliant. I hope they add the ability to manage NATs and improve the interface.

What other advice do I have?

Dive in.
it_user489252
Security Engineer at a non-tech company with 1,001-5,000 employees
Vendor
Aug 4, 2016
I've been converting from ASAs to Check Point. I used Tufin to analyze all the rule bases to get rid of what I don't need, and create less permissive rules.

What other advice do I have?

All the competitors have their niches. Not one of them does anything perfectly. If you're comparing these type of management products, you want to look at what you're really going to use it for.
it_user489255
Security Operations Engineer at a hospitality company with 1,001-5,000 employees
Vendor
Aug 4, 2016
I use it for traffic analysis, to check the traffic hitting a specific rule, for rule consolidation and so on.

What other advice do I have?

It's a good tool. We would need a view of all the tabs, for the analysis. If it's pretty fast, that should be good for us.
it_user489243
Security Engineer at a financial services firm with 10,001+ employees
Vendor
Aug 4, 2016
We're using SecureTrack, and the most valuable feature for us is the accurate reporting it provides.

What other advice do I have?

Work with the sales teams directly, because they seem very willing to be flexible with the development side. Every organization has different needs. Tufin’s willingness to be flexible impressed me.
it_user489261
Senior Network Security Engineer at a financial services firm with 10,001+ employees
Vendor
Aug 4, 2016
Searching for a specific rule, it shows whether an object exists. If it does, it shows what is in place and if we need to add something.

What other advice do I have?

It would be beneficial to get some kind of training from someone who knows the product, maybe from Tufin or someone else familiar with the product and the features. I know it can offer a lot, and you want to use its full potential.
it_user489210
Security Engineer at a healthcare company with 1,001-5,000 employees
Vendor
Aug 4, 2016
It can look at specific metrics across technologies. We would like the ability to correlate it with other toolsets

What other advice do I have?

If the tool meets your needs, evaluation process wise, then you should make sure that you reap the benefits. It has a lot of functions, and a lot of benefits and features. Start using them all.
it_user399324
Network Lead - Security Architecture at a retailer with 10,001+ employees
Vendor
Aug 3, 2016
The value for me is the ease of implementation. We also like the UI and scalability.

What other advice do I have?

You're going to be really shocked with the first couple of reports that show stuff about which you had no idea. Let it go and get buy-in from as many other groups as you can. If security and network are separate, get network involved to access devices that will provide a clear picture of everything, especially of topology. Build those bridges ahead of time and present it more as a collaborative tool and not a "I'm watching you" tool.
it_user488118
Security Engineer at a financial services firm with 10,001+ employees
Vendor
Jul 29, 2016
Policy analysis is the product’s most valuable feature.

What other advice do I have?

Based on looking at some of the other products out there, Tufin is definitely the leader of the pack. It's a good choice. Make sure you buy enough hardware, and make sure you know how you're going to use it. A lot of the features get very processor- and database-intensive, and you should have the proper gear to use it.
it_user488112
Senior Security Engineer at a hospitality company with 1,001-5,000 employees
Vendor
Jul 29, 2016
I like the compliance portion of the SecureApp feature, where you build your security database.

What other advice do I have?

It's a pretty useful tool if you have a large environment with a lot of devices and you're trying to make it easier for the technicians to basically pawn the work off and make the application team more accountable. With the limited knowledge I have of it and the limited use, I would probably give them an 8. I never give anyone 10's or 9's.
it_user488103
Security Consultant at a tech services company with 1,001-5,000 employees
Consultant
Jul 29, 2016
We use Tufin for oversight and revision control to avoid implementing rules that are against security policy documentation.

What other advice do I have?

I’m rating the product a nine just because I’m stingy with my tens. Tufin delivers on everything that we've asked them. For a similar use case, they're solid and you're not going to have any kind of surprises or issues that are going to crop up from what I've seen. As an administrator rolling something out and having it work the first time, that's pretty much all you can ask for.
it_user488088
Staff Specialist at a financial services firm with 10,001+ employees
Vendor
Jul 29, 2016
It allows us to use the compliance portion of it to do our compliance reports.

What other advice do I have?

They're constantly upgrading, they're constantly adding new things to it. That's a good sign. As the technology changes, they're on the forefront of it to get you those reports and use that technology in their new functionality. They just need to keep doing what they're doing.
it_user488085
Sr. Security Administrator at a consultancy with 1,001-5,000 employees
Consultant
Jul 29, 2016
Most of the valuable features have to do with the reporting and the cleanup of policy.

What other advice do I have?

It's a great product. It's pretty straightforward to use. It meets our needs and great support overall.
it_user483819
Security Manager at a financial services firm with 10,001+ employees
Vendor
Jul 21, 2016
I like being able to use the historical data and well as compare what changed.

What other advice do I have?

Play with the tools. See what kind of reasons you think you'd need to use it. Why are you looking for this tool to begin with? See how easy it is to pick up for your team. They may not be familiar with a tool; let them play with it for a few minutes and see. Give them a task. How easy was it to get that task done?
it_user483810
VP of Engineering at Netanium
Consultant
Jul 21, 2016
The key area is the automation that it allows in place of manual reviews.

What other advice do I have?

Criteria when selecting a vendor -I think it's looking at your current processes and where you'd like to be is really what it comes down to. If you're frustrated with the ways things are working, think about the way you'd like it to be and then see what product fits into that mindset for you.
it_user483795
Senior Security Network Engineer at a financial services firm with 10,001+ employees
Vendor
Jul 21, 2016
It's able to give us reports that tell us which rules in our policies are not needed.

What other advice do I have?

I would recommend it. With a tool like this, spend a few dollars to bring in their professional services to help out. Tufin is not going to be for a really small company. One of the important things is that you need to get your network team on-board.
it_user483792
Director, Enterprise IT Security and Compliance at a transportation company with 1,001-5,000 employees
Vendor
Jul 21, 2016
Easy to log in, to navigate, to produce reports and to create workflows.

What other advice do I have?

I would rate it a nine out of ten, since there's room for improvements, as always.
it_user483786
Network Security Engineer at a transportation company with 1,001-5,000 employees
Vendor
Jul 21, 2016
We Chose Tufin for its Ease of Use, Customization, and Workflow.

What other advice do I have?

I would give it a nine out of ten. It’s been a great product so far. I'd just like some more customization.
it_user479352
Network Consultant at a healthcare company with 1,001-5,000 employees
Vendor
Jul 14, 2016
There's a Lot of Depth to the Product, From Automation to Reporting Capabilites.

What other advice do I have?

I would rate it a nine out of ten, comparing it to other solutions in the market and the value that it’s provided to us already. I lowered the score because of the deficiencies I wrote about previously, but didn’t lower it that much because they are aware of it, they have addressed our questions, and they have it on the roadmap.
it_user479343
Senior Advisor Security Architect at a comms service provider with 10,001+ employees
Vendor
Jul 14, 2016
Tufin Lets Us Clean Up the Rule Base Quickly and Remove Unused Rules.

What other advice do I have?

I would give Tufin an 8 out of ten because some vendors own multi-contexts, and there are challenges supporting these devices. We are having issues with the Juniper device, for example.
it_user479295
HoD IP MPLS Department at a comms service provider with 1,001-5,000 employees
Vendor
Jul 14, 2016
Being able to run reports to see which rules aren't needed is useful. It allows me to optimize the policies.

What other advice do I have?

My experience with Tufin has been good. We haven’t had any technical issues and the features that I have seen in the software so far are excellent.
it_user479277
Security Specialist at a financial services firm with 501-1,000 employees
Vendor
Jul 14, 2016
It’s not a dangerous solution because we use it for looking at things and not for making changes.

What other advice do I have?

I have no problems with Tufin, and it works great, but I would have to give it an eight out of ten. It’s just not as amazing as some of the other technologies I use, like Lancope StealthWatch. I wouldn’t tell anyone to stay away from it—It’s just a good idea to look at the competition and see what’s out there.
it_user477891
IT Security Engineer at a energy/utilities company with 1,001-5,000 employees
Vendor
Jul 12, 2016
Gives you the ability see what changes have been made and who made them, as well as pinpoint what has changed.

What other advice do I have?

If I had to rate it one to ten, I’d give it a nine, since there’s room for improvement, even though they’ve been doing a lot of improvements over the years. I would also say that if you buy the product make use of it. There are more features available than you always realize, so a lot of times you might try the harder way first because you are used to working that way. You might discover that your life can get a lot easier.
it_user476727
Security Engineer at a financial services firm with 1,001-5,000 employees
Vendor
Jul 10, 2016
We use it as an auditing tool, since it’s a risk-based approach, which fits a lot of the needs of our auditors.

What other advice do I have?

I would give it an 8 on a scale of 1-10 because it works really well in helping you create your own reports. You can drill down into each of the different risks that are in the environment and take action on it. It actually tells you, in a descriptive manner, what the issue is and how to fix it.
it_user475923
Security Engineer at a retailer with 10,001+ employees
Vendor
Jul 7, 2016
The best feature is being able to query all our devices to find unused rules and objects and then clean them up.

What other advice do I have?

Rating: because it's our unique older version, I'd give it a 6 or 7 but we only use it for reporting and cleanup. If we had the latest version, I'd easily give it an 8 or 9 because it can do so much more.
it_user475917
Director of Network and System Engineering at Allegiant Air
Vendor
Jul 7, 2016
Provides insight into all changes that are done within your network.

What other advice do I have?

If you don't have a product like Tufin, get a product like Tufin because it's amazing. It gives you insight into all changes that are done within your network. It's awesome, and it gives you the ability to manage it even though we haven't rolled that piece out ourselves yet.
it_user475893
Manager at a pharma/biotech company with 1,001-5,000 employees
Vendor
Jul 7, 2016
There are a lot of advanced features that we've investigated but the real core strength is for our compliance team to be able to pull the rule usage reports.

What other advice do I have?

Regarding cloud solutions, it's going to be very interesting to do the security assessments with them.
it_user401487
Security Architect at a wholesaler/distributor with 5,001-10,000 employees
Vendor
Jul 7, 2016
Identifies redundant rules that we're not aware of.

What other advice do I have?

It fits in as part of the bigger picture. At the end of the day, I wish the firewall products themselves could do some of that stuff inherent to their own solution. Make sure you understand the capabilities and use it for what it's intended. It's not going to tell you the intent of rules, it's not going to tell you if it's a good rule or is it a bad rule, but it's going to help you with firewall clean-up or redundancy. It doesn't help a firewall admin create a better rule.
it_user437154
Network Admin at a media company with 51-200 employees
Vendor
Jul 7, 2016
SecureChange is the most valuable feature as it shows the difference between policies and proxies that affect performance.

Valuable Features

SecureChange is the most valuable feature as it shows the difference between policies and proxies that affect performance, such as the router or switches.

Room for Improvement

The user interface could be improved. It's currently not very user friendly and is not very attractive.

Deployment Issues

We've had no issues deploying it.

Stability Issues

It is very stable. We've had no issues with instability.

Scalability Issues

We have 600 objects in it and it's able to work well for all of them.

Customer Service and Technical Support

Technical support was very good when I needed their help with significant upgrades.

Initial Setup

The initial setup was very easy and straightforward. It wasn't complex or difficult at all.

Implementation Team

We…
it_user437172
IT Architect at a tech company with 10,001+ employees
MSP
Jul 3, 2016
You can search through policies of different firewalls with one step.
it_user437166
Network Engineer with 1,001-5,000 employees
Vendor
Jun 24, 2016
We now have rule based analysis, and we can move in, see unused rules, and try to optimize the rule base.

What other advice do I have?

It's done a good job. We've not fully utilized all of its features, we've hardly scratched the surface really, it's a powerful bit of tech and we've pretty much used it for a specific purpose that we purchased it for and realized it can be used a lot more, having said that we ended up purchasing second shares as well. We are now in the process of testing SecureChange because that was something that was really pushed through quite recently. For us it works, it's a great solution, but that's not to say that there isn't a better one out there. Anyone that looks and researches, they probably look…
it_user437163
Network, Telecom and Storage Manager at a financial services firm with 1,001-5,000 employees
Vendor
Jun 24, 2016
We were able to reduce the number of rules we had.

What other advice do I have?

Prior to implementing, you need to know the needs for each project. If you know the needs, you will probably meet expectations.
it_user466629
Manager, Information Security at Neustar
Vendor
Jun 22, 2016
We are starting to use it more as a compliance tool as opposed to just for tracking changes and backups.

What other advice do I have?

I really, really like the solution and we’ve been really happy with Tufin. Even though our Tufin sales rep recently changed, they've always been engaged with us. They hit us up pretty often to find out if there's anything that we need, or if there's anything that they can do to improve or even expand the use of their product.
it_user466632
Manager, Security Engineering and Operations at a retailer with 1,001-5,000 employees
Vendor
Jun 22, 2016
We can provide evidence that nothing's getting into the environment that isn't already approved to go in.

What other advice do I have?

The most important criteria for me is hit count, how often the rules are being used and visibility. All of that is critical information to optimizing our policies. I'm the manager of a team of six engineers. The feedback that I get from them – and they're very vocal – is that they love the product. It's great. I'm a tough rater, and I probably wouldn’t give a 10 to anybody. But I would say Tufin is an 8. As far as software products go, it delivers.
it_user437130
Head of I.T. Security at a insurance company with 1,001-5,000 employees
Vendor
Jun 16, 2016
Optimizing my firewalls and the reporting functionality are the main reasons I initially chose this solution.

What other advice do I have?

I'd definitely say go with Tufin as it's a brilliant solution. What is brilliant is the firewalls themselves. I'd check out CheckPoint as well to make sure that the solution meets your needs and works with your plans. It doesn't matter what CheckPoint plans you use, Tufin works with them all.
it_user437175
Telecommunication Engineer at Vodafone
Vendor
Jun 16, 2016
What I like most is the end to end view which is quite important for supporting the design teams.

What other advice do I have?

I think we’re not using it for all the devices we intend to use it for, but somewhere in the middle. It works, it's as simple as that because we noticed the difference after we got it working, and we immediately saw the advantages of having it.
it_user437157
Group IT Governance - IT Security Engineer at a financial services firm with 10,001+ employees
Vendor
Jun 16, 2016
It gives us a better view of the rules. We found that we can send invites to the owner of the application to find out if they still needs to use it. If they don't, we can then remove it.

What other advice do I have?

We are very happy and it's a good product We take the reports, we see the zero keys, we see no rules that are not used, rules left over, I focus on those because this is my field.
it_user437133
Network & Security Service Delivery Manager in Spain at a transportation company with 10,001+ employees
Vendor
Jun 16, 2016
Depending on the kind of device, we can correlate information from both the device and from the client.
it_user437121
Manager, Group Leader at a tech services company with 1,001-5,000 employees
Consultant
Jun 16, 2016
The configuration control helps us comply with company policy.
it_user437148
Security Consultant at a tech company with 501-1,000 employees
Vendor
Jun 9, 2016
Allows us to more easily implement rules because of the overview of policies it provides.
it_user437160
Unified Messaging Technical Architect at a financial services firm with 10,001+ employees
Vendor
Jun 9, 2016
Tickets can be dispatched automatically and analyzed prior to them being validated by the security teams. The stability could be improved.
it_user437178
Network Security Consultant at a tech company with 10,001+ employees
MSP
Jun 9, 2016
We've been using it for 4 to 5 years, mainly for rule base analysis.

What other advice do I have?

If you follow the instructions you're good.
it_user182367
Network Specialist with 51-200 employees
Vendor
Jun 9, 2016
Allows us to run a report to see changes that were made and roll them back if necessary.

What other advice do I have?

Once the application control is in the system, it is a great product.
it_user437151
Network Security Architect at a tech company with 10,001+ employees
Vendor
May 31, 2016
It gives me a unified policy across multiple vendors. I would like it to support routers in multi-vendor environments.

What other advice do I have?

You should do a preview of each solution that you're interested in. Use it first and then decide if you want to buy it. Nowadays it's easy.
it_user437142
Senior Security Consultant at a comms service provider with 10,001+ employees
Vendor
May 29, 2016
We use it for PCI audit compliance.
it_user437187
General Manager at a tech services company with 51-200 employees
Consultant
May 25, 2016
The most valuable feature for us is SecureTrack. With it, we have rule documentation, change documentation, and the ability to create various reports.
it_user437190
IT Security Consultant at a tech consulting company with 51-200 employees
Consultant
May 23, 2016
On a daily basis, the most valuable feature is the integration of different products. We're able to see reports and audits from a single console.
it_user437139
Owner at a security firm with 51-200 employees
Vendor
May 23, 2016
We're able to easily and quickly find out what our colleagues did and to mitigate that if it has caused any problems.

What other advice do I have?

This is true for Tufin and as well for many of the security vendors and their products. I think it's very important just to get started or get the easy wins first, and then go to the solution afterwards. With Tufin, I think it's very, very easy to get big easy wins up front with all the documentation and all the tracking, just to get started and move forward from there.
it_user437193
IT-Security - Consulting (Licensing, Maintenance) at a tech consulting company with 501-1,000 employees
Consultant
May 20, 2016
It addresses the weaknesses of our internal customers and we can perform changes in real-time.

What other advice do I have?

Just try it out. You should perform Proof of Concept and you’ll be reaping the benefits and seeing it’s a good product.
it_user437181
Senior Network Engineer at a financial services firm with 1,001-5,000 employees
Vendor
May 11, 2016
It tells us where to put our policy on both the front and back ends, as well as in the configuration files.

What other advice do I have?

For us, it works, so why can't it work for you?
it_user437145
Head of Network and Security at a financial services firm with 1,001-5,000 employees
Vendor
May 11, 2016
We use SecureTrack to walk us through the implementations of our firewalls and for all our policy checks, reporting and overview of our monitoring policies.

What other advice do I have?

Give it a try.
it_user437169
IT Sec Operations at a tech company with 10,001+ employees
Vendor
May 11, 2016
We don't have to analyze the entire rule set anymore because it tells us whether each specific rule matches policy or not.

What other advice do I have?

Tufin SecureTrack has been great for us.
it_user437136
Network System Architect / Technical Project Leader at a local government with 1,001-5,000 employees
Vendor
May 5, 2016
The multi-vendor support is the most important feature because our system has integrations of software and hardware from many vendors. I think that it needs to be in the cloud.
it_user437127
Security Solution Architect at a tech services company with 1,001-5,000 employees
Consultant
May 5, 2016
The integration between topology, security, and workflow is powerful.
it_user437124
Web Technology and Security Manager at LYRECO with 1,001-5,000 employees
Vendor
May 5, 2016
We track changes to our infrastructure, such as when the administrator makes new rules.

What other advice do I have?

Try it and you will like it.
it_user400740
Sr. Security Architect at a tech services company with 1,001-5,000 employees
Consultant
Mar 9, 2016
We can see what changes are happening on our security devices at the moment that they're done, so if mistakes happen, we can catch them before there is a disaster.

What other advice do I have?

Just buy it. Don't even think about any other product. Just buy it.
it_user400692
Security Advisor at a financial services firm with 10,001+ employees
Real User
Mar 7, 2016
We're able to generate reports to know what's going on with our rules, specifically expiration dates and PCI's, for our firewalls.
it_user375474
Security Evangelist
Vendor
Jan 31, 2016
Allows uses to compare the revisions of the devices, analyze the network and generate reports.

What other advice do I have?

Surely, I would recommend this product in implementing. If the organization has a large network and different firewalls/network devices; Tufin really helps a lot. We are a Cyber Security Products and Services company. We resell Tufin products and provide Tufin technical services.
it_user369300
CEO at Irvin Networks
Vendor
Jan 14, 2016
It's assisted and steamlined the change process for firewalls, routers and switching ACLs.

What other advice do I have?

My advice would be to do your research first on the product. Make sure it's going to cover everything you need, which it does. They have several uses for Tufin, several models as far as function like Securetracks, Securechange and the Secureapp, so you've got to do your research and someone may need all of the orchestration, the full Orchestration Suite. I would ask you to just research it, make sure you get what you need because quite often people go to buy Tufin and they go to buy the Securetrack just the Securetrack firewall changes, that they end up getting a quote for Securechange…
it_user355590
Senior Network Engineer at a financial services firm with 10,001+ employees
Vendor
Dec 13, 2015
we have it in place where it will notify us if an engineer inadvertently violates a high-risk rule, and it even does this if they pre-stage a rule, so before they push it we can find out.
it_user340728
Principle Mbr. Tech. Staff at a comms service provider with 10,001+ employees
Real User
Nov 22, 2015
They give us one vendor for both TOS operating system and TSS application. I'd like to add third party RPMs to expand system functionality that's retained across updates.

What other advice do I have?

Tufin is still growing and adding new features to its TSS applications suite. I don't believe your company would make the wrong choice if the products meet your company's requirements. Their latest product offerings of TOS run on virtual machines, and their near-future promise of a distributed central database (scalability improvements) should not be overlooked.
it_user335712
Senior Network Security Engineer at a retailer with 10,001+ employees
Vendor
Nov 17, 2015
Using SecureChange and SecureApp, it makes life easier for the user community and the firewall engineers by not having to manually input firewall rules.

What other advice do I have?

It’s the Swiss army knife of tools. I’m sold on it. It’s so easy to use. We use it to its full potential. It has some great bells and whistles.
it_user308643
Information Security Analyst at a transportation company with 1,001-5,000 employees
Vendor
Nov 17, 2015
We use the SecureTrack module for firewall audits and analyses. While some devices are not reporting correctly to it, it could be a software compatibility issue requiring an update on our side.

What other advice do I have?

Pretty good, very supportive, understanding and recognizing we need to move in a phased manner. They are definitely in it for the long term. Support and professional services, we will require going in to the future.
it_user298422
Senior Information Security Engineer at a financial services firm with 501-1,000 employees
Vendor
Aug 27, 2015
It allows us to evaluate and build matrices and to see how rules work with it to see whether they are secure.

What other advice do I have?

Try to get a training course on what it can do, so that when you go to implement it you can get the most out of it. If I had known all the features from a training class, I would have implemented it differently from the guy who did it for us.
it_user288696
Network & Security Operations Manager at a retailer with 1,001-5,000 employees
Vendor
Aug 10, 2015
It's a complete product, and we find the SecureTrack and SecureChange features to be most valuable to us.

What other advice do I have?

I recommend this solution. In our case, it was the missing part to be able to provide a better service to our clients.
Buyer's Guide
Download our free Tufin Report and get advice and tips from experienced pros sharing their opinions.