How do you or your organization use this solution?
Please share with us so that your peers can learn from your experiences.
We use this solution for Firewall audit, compliance, and some automation.
We use this solution for recertifying connections, application-based automation, and compliance with regulations.
We are using Tufin to manage our multi-vendor firewall environment. We are using the Secure Change workflow to request, asses, and implement Firewall requests. Secure Track is used from our Security and Audit department for regular policy reviews.
We use SecureTrack for troubleshooting, APG (Automatic Policy Generator), implementation of new requests, change monitoring, rule and object usage reports. This solution provides an unified display of rules across vendors. We use this solution e.g. for cleanup and processing of shadowed rules.
We use Tufin for firewall management, firewall compliance monitoring, and unified policy implementation.
Right now, we are just using it for SecureTrack. Next year, we have plans to buy the license for SecureChange as well. I think we're using version 18, and we are in the process of upgrading it to 19-2
The primary use case is locking down the firewalls to Zero Trust and automating the risk assessments.
We are using it mostly for reporting, as well as NERC CIP compliance for rule documentation. The primary use case is for doing rule cleanup, knocking down overly permissive rules, and cleaning up old unused rules. Basically, we are using the reporting functionality out of SecureTrack.
The primary use case is tickets.
The primary use case is firewall analysis. We use SecureTrack, which is great.
We use SecureTrack and SecureChange to manage all of our firewalls. We use the latest version.
* Firewall audits * Firewall rule processing * Path analysis
Automate the firewall change via SecureChange Workflow
The primary use case is for compliance with PCI regulation for local and country regulations. We are using the latest version of the product.
We use it for rule re-certification and rule review. Twice a week, we use the Tufin report to see what changes or adds were done to the policies. Finally, we also use it for rule automation. We have it integrated with ServiceNow for rule requests.
Primarily, it is being used as a type of security auditing control on our firewalls. We are in the middle of a new project acquiring dedicated new hardware while building out SecureTrack and SecureChange. After this initial project, and building out all that infrastructure is done, then there will be a project to kick off some of the automation and orchestration type stuff to try and improve some of those processes for the IT group. The goal is to use it to revalidate, clean up, and optimize firewall policies, but we are not there yet. The company has had the product in place for a while. I am giving up the web proxy stuff, so I can become the SME on the Tufin.
We implement Tufin for other customers and help set it up. I'm not the end user. I just set it up for the end user. We are using the latest version from 2018.
We use this solution for firewall rule management.
The primary use case is data flow analysis.
The primary use case is processing change requests. While our organization has implemented SecureChange and SecureTrack, we are not using either tool rather extensively. Therefore, we are trying to put together a plan for the organization to adopt these tools more firmly. The idea is to be using SecureChange as the primary portal for entering change requests on both the perimeter and shop floor network firewalls. The way we are approaching this is to do a pilot first among a few sites, then bringing it out to a larger group once we feel more comfortable with how the pilot went. The pilot will probably last for a couple weeks. After that, we will roll it out in buckets or groups to the rest of the sites. Then, the primary use case will be using tool for change management and SecureChange, while SecureTrack will be used by our security monitoring group who is tracking for threats. My engagement to date and going forward will be to assist in the planning of the rollout and helping with the rollout. I make sure teams and users who will be using this tool are actually using it, including processes from: * Submitting a firewall change request. * Price or rule requests. * Opening a port. * Firewall maintenance or maintenance processes, e.g., rule cleanup.
The primary use case is monitoring routers, switches, firewalls, but mostly routers and firewalls. We are just using SecureTrack, either version 18-2 or 18.3.
We do risk, cleanup, and change.
Our primary use case is firewall automation. We use SecureTrack and SecureChange. We have distribution serves, Remote Collectors, but what we primarily use is SecureChange integrated with ServiceNow for users to submit firewall requests. They then go to SecureChange which designs the rules and implements them.
The primary use case is automation. We are using the latest version.
The primary use case of Tufin is firewall management, firewall reviews, and eventually, to do rule deployment. It was more to start standardizing our prior work changes. The initial first step is to understand and make sure that whatever change goes in is complying to our policies and standardized. The eventual goal is to get everything automated. We are using SecureTrack at the moment, but we do have licenses for SecureChange as well.
Our goal is to move towards a completely automated system within our organization. We also want to integrate different business units, see what our vision is from an automation standpoint. In addition, we want to get complete visibility across all the different platforms that we have.
Currently, we're an electric utility. We use it for NERC CIP for validating rules into ESPs, which makes it easier for us to pull out the rules and justifications for auditors. We are using either Tufin 18-2 or 18-3 and testing 19-2. As a company, we don't have anything in the cloud.
We use it with SecureTrack, mainly for auditing purposes. We also use SecureChange for workflows on temporary firewalls.
We are using SecureTrack and SecureChange to make policy changes.
We use SecureChange for change management, and the SecureTrack component for reporting and the summary.
My company primarily uses this solution for reporting and enforcing policy. My role has to do with developing applications to allow integration with our other tools.
We are an integrator, and we implement this solution for our clients. Most of them use USP extensively. It is also commonly used for firewall rule clean up, automation, and change control. We have a whole range of use cases in different fields. We've got energy companies, banks, and healthcare is a big one. The vast majority of them use both SecureTrack and SecureChange and almost all of their features, rule cleanups, risk avoidance, and change automation. I, myself, typically lean a little bit heavier to the integration and coding side, and interacting with the APIs. But I also do plenty of installations and initial configurations and also some first-level support and maintenance.
We make use of the SecureChange and SecureTrack modules. In SecureChange, we use the Workflow, and we use the USP to see if there are any rule violations.
Our primary use case for this solution is firewall automation for rule requests.
The primary use cases are firewall support and generating rules.
We are using the SecureChange and SecureTrack components of this solution for rule re-certification and change automation. We are still in the implementation phase, but we expect to have this solution in our production environment by October 1st.
We primarily use this solution for Change automation. We do not use USP, yet.
The primary use case is role recertification. We are trying to get into it for compliance, but we are having issues with that. This solution helps us ensure that security policy is followed across our entire hybrid network.
We use the SecureTrack component for several things including the maintenance of firewall rules. Examples of this are identifying rules that are no longer in use and identifying shadowed rules that can be consolidated. We also use this solution to look for violation policies, as well as unused rules. We use this solution in AWS and in our on-prem firewall.
We primarily use SecureTrack for viewing and tracking changes to policies.
We are a reseller and solution provider. We have this product running in our lab, and what differentiates us is that we are able to take our client's use cases and execute them in our environment.
We use this solution for firewall compliance reviews.
We use this solution for workflow intake and policy cleanup. It is also used for firewall policy requests.
We use this solution for auditing our security and system access entries, then alerting us to problems.
Our primary use case for this solution is risk visibility.
Our primary use case was firewall policy management. We did a PoC with Tufin.
We are doing firewall automation through Tufin.
Our primary use case for this solution is for audit and firewall rule base management.
We deployed a proof of concept. We added most of our firewall base to Tufin, although not all. We checked and tested Check Point, Palo Alto, Juniper, Cisco routers, Juniper routers, and F5 load balancers. Mostly we grabbed one instance of each of our technology devices, added it to Tufin, and tried different things. We tried SecureTrack and some basic SecureChange to try to automate our firewall partitions, the firewall "tickets." We presented a form to users to enter the source, destination, service, etc. This was our PoC. Right now, we're in the process of purchasing Tufin.
We are using Tufin to generate reports on unused rules and for compliance reporting.
Our primary use case is for automation and orchestration.
Firewall automation and orchestration.
We are using SecureChange to start orchestrating a lot of our changes. Our users can then request changes instead of having to go directly to us. We are trying to automate some of those pieces.
Our primary use case is firewall management and policy management.
The primary use case is for firewall auditing. We use it for audit monitoring, login changes, and firewall changes. We are looking at automation, but not yet.
It's mainly for the automation of policies.
The primary case is to get more compliance and security with good performance. We use Tufin to use some Check Point products. The product is for the way we manage our security, performance, and boxes.
Our primary use case is firewall monitoring, rule changes, and logging.
We use Tufin to do the review of rules, best practices, changes, and usage. So, it's an outside entity looking in to see what's happening on the rules sides. Then, we can do recertification for our rules, so they can be used again. Tufin puts it together really well, saying what's needed or not, then cleaning things up. We've been a customer for a very long time with them, and we're pretty pleased.
The primary use case is firewall management, consolidation, and optimization.
We use it to manage our policies, consolidate them, and if we see anything missing, we can use it to track that, as well. Right now, we're mainly on-premise. S,o the cloud piece is not being used right now. However, in the future, we will use it. I think it will help tremendously to get a good picture across the board.
We do firewall reviews on a quarterly basis.
We use it for advanced reporting and root analysis. In some cases for clients, we use it for root deployment.
Tufin is the product which we do our compliance under. That's one of the requirements. We also do change control tracking: who does what and the impact. The users have reports for best practices and clean up. The primary use case going forward will be automation, changing the internal process by trying to eliminate human errors.
Our primary use case if for risk compliance.
Our primary use case is for change audit.
We use Tufin for two purposes: * To track all changes on our network equipment, our Cisco gear, F5s, and Check Point. * We use SecureChange. So, we submit any firewall change through SecureChange, then we use that for the approval process. We are trying to have it end-to-end, where it provisions the device, but we're not there yet.
Our primary use case for this solution is firewall remediation. I didn't get very far with it because I didn't used Tufin in production, only during the evaluation phase.
Our primary use case is configuration management and change management.
For us, it's more about managing the policies and having an overview of all the policies that are available, that we currently implement, and bringing them to a central console so that we can have an overview of what's going on. We deploy Tufin for one of our customers, it's not for ourselves.
Firewall policy management over all firewalls from one single point. We browse policies, objects, and their usage. The report gives us an image of where risks are.
We use it for compliance, and the performance is good.
We were looking for a solution to provide firewall rule management that would enable us to choose which firewall rules to keep and which to eliminate.