• Home
  • Skybox Security Suite vs. Tufin Orchestration Suite

Skybox Security Suite vs Tufin Orchestration Suite comparison

Cancel
You must select at least 2 products to compare!
Skybox Security Logo
Skybox Security Suite
Read 34 Skybox Security Suite reviews
4,464 views|3,184 comparisons
85% willing to recommend
Tufin Logo
Tufin Orchestration Suite
Read 180 Tufin Orchestration Suite reviews
11,923 views|6,941 comparisons
91% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Skybox Security Suite vs. Tufin Orchestration Suite
March 2024
Executive Summary

We performed a comparison between Skybox Security Suite and Tufin Orchestration Suite based on real PeerSpot user reviews.

Find out in this report how the two Firewall Security Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
To learn more, read our detailed Skybox Security Suite vs. Tufin Orchestration Suite Report (Updated: March 2024).
Download the complete report
771,157 professionals have used our research since 2012.
Featured Review
Sharath K
Researched Tufin Orchestration Suite but chose Skybox Security Suite: Helps us clean up firewall rules and backup device config, but it needs a web interface
It's given us more visibility in terms of what are the kinds of configurations that are on these devices, and how many of these are stale rules. So... Read more →
Michael Utech
Researched Skybox Security Suite but chose Tufin Orchestration Suite: The most valuable feature is the Network Map
The plan is to integrate it into things, like ServiceNow, then use the automation. That was one of the strengths in the decision to stay with Tufin... Read more →
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"instead of asking for firewall rules which may or may not be relevant, or could already be there, or could be over-permissioned, Skybox can be used to map out the resources that that application is going to use and provide the exact rules that an application would require to function correctly. If the traffic isn't able to flow for the application, if it's erring out, Skybox can be used to troubleshoot that and say, "All right, where is the traffic being stopped and why, and how do I fix that."""The way that it's built with three-tier architecture, it makes it very horizontally scalable, so I can have multiple fallbacks. If one machine does fall offline, there are four other machines that are doing the exact same job to pick it up""I am impressed with the tool's change management, firewall and network assurance.""It has a good policy management feature and can provide customers with good quality outputs.""The most valuable features are the rule compliance and the OS vulnerability checks.""The ability to appropriately prioritize vulnerabilities inside the environment, and then to have visibility into the traffic and rule sets of an organization, are two of the top capabilities that I recommend. Skybox is the only one that does both of those in a single platform.""The most valuable feature is the compliance, whether it's access compliance or the configuration compliance, to make sure that all of our devices are configured as they're supposed to be, to limit access as much possible, to follow least-access guidelines.""Skybox allows organizations to reprioritize the vulnerability they attempt to patch and mitigate, based on the contextual awareness of the network."

More Skybox Security Suite Pros →

"The most valuable function is the SecureChange where it is able to automate everything from the validation of the rules to the pushing of the rules.""It is very stable.""It provides a great visibility around the roots: Root implementing which can be done, roots that have changed, and what has been done. So, it's pretty useful when you have an audit going on.""There are a lot of benefits to using the reporting. It gives us duplicate objects, duplicate services, shadow firewall rules, and the firewall rules not needed for a given number of days or months.""The most valuable feature is alerting, which lets me know when someone has made a change.""Being able to customize your own clarity to that aspect of change management.""It is an important application for controlling and monitoring firewall rules. It is useful for making and monitoring the changes.""We use it to clean up our firewall policies, which gives us better security policy and less junk on the firewalls."

More Tufin Orchestration Suite Pros →

Cons
"The support could be improved.""There is room for improvement in the technical support.""The solution was quite technical. It would be easier to manage if the solution was more specific about aspects of the solution and provided more advisory around how to use it effectively. It would help users a lot if they were more clear about everything.""The solution does not support certain devices or vendors in some regions or countries due to regulations.""Change Manager can be improved. If they can improve Change Manager so that whatever we want to do on a firewall, we are able to do it through Change Manager, it will be helpful for us. Whenever we are doing a change, it only does them at an L3 and L4 level, but all the firewalls are at the application layer. So, whatever needs to be done on the firewall, we aren't able to get it done through Change Manager. Currently, this functionality is not there because of which we are sometimes losing customers. I can create a role on Layer 3, Layer 4, but when it comes to the application layer, such as configuring and defining URLs or other things at the application level, it can't be done through Change Manager. Customers demand that they should be able to do everything through Change Manager. They don't want to do it through some other mechanism to accomplish their complete change management policy. They don't want to use a firewall manager because sometimes, they don't have any manager. They ask if they can use our solution so that a manager is not required. If Change Manager can do all the management automatically without involving any other manager, it will be great. They can also provide better integration with other managers so that everything can be done through a central point.""The primary room for improvement would be to enable a web interface, which is not something which is there in the product. This is supposed to have come a year, a year and a half ago, but still has failed to come out. It still needs a client application to be installed on a workstation to be able to access that server and then run these reports. So I cannot extend that access to anybody. It has to be one administrator all the time. So unlike a web interface, where you can give multiple users simultaneous access and generate the various reports, that isn't a possibility at the moment.""I've had issues with licensing where, when they were expiring and I asked for the updated licenses, I would the wrong ones. I think their process needs to be straightened out a little bit - I don't know if they fixed it already, it has been awhile. It wasn't as straightforward as it could have been.""The vendor's support is terrible."

More Skybox Security Suite Cons →

"It needs better reporting with more graphics and more pie charts, so management can understand details. The reports that are done now are full of data and management would like to have an image to help understand, right away, what the reports are saying.""My worry with Tufin is that it cannot connect to Fortinet, which is what I want to do.""We had a discussion in the Customer Advisory Board yesterday around use of SecureChange. We would like to have an opportunity for an engineer to choose if you want to make or take the policy which has been suggested by the designer functionality, making it more human readable or less human readable (more or less granular). This would be huge for the customers who are using SecureChange. They said this was one of their issues with it, especially for anything that was going into a regulator's or auditor's hands. The more human readable, the better that it would be, and this would definitely be applicable to our industry. It sounds like they are working on this issue, or they took the feedback, but that would be a big one for us in being able to make the jump to SecureChange.""I wish there was a read-only admin option. I don't like that you have to be a full admin just to see the Network Topology Map. That option is great out there if you are a user, multi-domain user, etc. However, that piece is very helpful for us, but I also don't want to be handing out admin access to every single person so they can see that network tab.""Its price is reasonable, but it could be lower. It could have a more effective approach for creating and changing rules. It could provide advice or suggestions for a better understanding of rules and changing the rules. There should be suggestions for the rules that need to be changed to make them less risky.""We found some bugs on the software, but we're working with tech support to fix them.""I would like more enforcement. Right now. it's a lot of alerting. You see it in Tufin, but you have to go to Check Point or whatever device to make the actual action.""Currently, we have to get different data from different sections of the site. It would be nice if it was all combined into one."

More Tufin Orchestration Suite Cons →

Pricing and Cost Advice
  • "I think for the cost, what we got definitely is worth it. The only caution I would give is that whenever you license for Firewall Assurance at the same time, for some weird reason, you have to get one Network Assurance license, just to manage one firewall. That's a little bit of overkill. But otherwise, in general, the pricing is fairly okay."
  • "The pricing is high, and the licensing model needs more flexibility."
  • "The product's pricing is excellent value. In terms of licensing, make sure you understand your network components, all your hops through your network, thoroughly, before you decide on the total cost. If you want to do point-to-point flow analysis and such, you need to have the configuration of all the devices in between point A and point B. A lot of people don't realize all their network components until they start using this product."
  • "I've seen the pricing of every solution on the market. When you compare apples to apples, where Skybox becomes exceedingly expensive is if you look at it compared to something like FireMon that only does a fraction of what Skybox does. But if you include everything that Skybox does, it becomes way more expensive than the competition, but you're also not comparing apples to apples. If you look at FireMon, and you look at like just the firewall assurance piece, they are fairly comparable and, actually, Skybox comes in a little bit cheaper in some cases, depending on which product you're looking at."
  • "The pricing has increased exorbitantly in the last few years, so now it is questionable. Now, it makes me want to review other products."
  • "With licensing, the number of network nodes becomes very expensive to the point where you have to rationalize if the tools are warranted anymore."
  • "Fully understand the total cost of ownership. They have gone to a new model where you have to replace the hardware every X amount of years at a very substantial cost and fully understand your intended number of nodes. To operate a firewall, you have to pay two licenses, a firewall node and a network node. If you are a reasonable-sized organization, this gets expensive very quickly."
  • "Pricing is on the higher side. In terms of licensing, you should buy the complete suite rather than buying only the Change Manager. I think Change Manager with Vulnerability Control is something that would be interesting to look at."

    • More Skybox Security Suite Pricing and Cost Advice →

  • "This solution helped us to reduce the time it takes to make changes. We used to spend up to an hour to do a change, and now, it's around five minutes."
  • "Tufin and AlgoSec were pretty much in the competitive price range, but this one provided us better integration into the Check Point environment."
  • "The solution has helped us to reduce the time it takes to make changes. With Tufin, it takes ten to 15 minutes. Before, it was 30 minutes or more."
  • "The solution has helped reduce the time it takes us to make changes. It helps make overall integrated changes immediately. It allows us to cut down at least a few hours in the week in regards to changes and monitoring."
  • "We've seen a decrease of about 50 percent in the overall time it takes to complete a firewall change."
  • "Tufin makes things a little easier. It lessens the amount of manual work which we have to do. It has a lot of benefits in terms of revenues, profits, employee costs, and operational costs. We have already seen return on investment."
  • "This solution helps us reduce the time it takes us to make changes. We're probably saving time by 25%."
  • "Tufin reduced the time it takes to solve a problem, which reduces the time of the outage."

    • More Tufin Orchestration Suite Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Firewall Security Management solutions are best for your needs.
    See Recommendations
    771,157 professionals have used our research since 2012.
    Questions from the Community
    What do you like most about Skybox Security Suite?
    Top Answer:Overall, the tool has helped us reduce risks. If any step is missing, it's easier for my team or engineers to identify it. The tool provides accurate recommendations based on the data. Its integration… more »
    Read all 26 answers   →
    What is your experience regarding pricing and costs for Skybox Security S...
    Top Answer:Skybox Security Suite has indeed helped us reduce costs. The prices of AlgoSec and Skybox Security Suite are approximately 50 percent different. The tool may require special vendor support from… more »
    Read all 21 answers   →
    What needs improvement with Skybox Security Suite?
    Top Answer:The setup is expensive.
    Read all 27 answers   →
    What do you like most about Tufin?
    Top Answer:The most valuable feature of Tufin is security auditing. We are able to check the rules and compliance of the company, for example, what is allowed or not. We are able to check the rules over… more »
    Read all 91 answers   →
    What is your experience regarding pricing and costs for Tufin?
    Top Answer:Tuffin is expensive, and we have to explain to our customers the benefit for them to purchase. If we explain the benefits in the correct way they do not mind the price. We typically do costing for the… more »
    Read all 37 answers   →
    What needs improvement with Tufin?
    Top Answer:The reporting function could improve in Tufin. For our clients with companies that have strong compliance, reporting privacy data is mostly a problem. In the IT department, private data needs a… more »
    Read all 86 answers   →
    Ranking
    6th
    out of 17 in Firewall Security Management
    Views
    4,464
    Comparisons
    3,184
    Reviews
    8
    Average Words per Review
    459
    Rating
    7.5
    2nd
    out of 17 in Firewall Security Management
    Views
    11,923
    Comparisons
    6,941
    Reviews
    9
    Average Words per Review
    432
    Rating
    7.9
    Comparisons
    Also Known As
    Tufin SecureCloud
    Learn More
    Skybox Security
    Tufin
    Overview

    The Skybox Security Suite platform combines firewall and network device data with vulnerability and threat intelligence, prioritizing security issues in the context of your unique environment. Powerful attack vector analytics reduce response times and risks, bringing firewall, vulnerability and threat management processes for complex networks under control.

    Firewall Assurance brings all firewalls into one normalized view, continuously monitoring policy compliance, optimizing firewall rulesets and finding attack vectors that others miss. Skybox covers the most comprehensive list of firewall vendors, complex rulesets, even virtual and cloud-based firewalls. With proven scalability in 1,500+ firewall deployments, Firewall Assurance keeps rules optimized and ensures changes don’t introduce new risk. 

    Gain total visibility of the vulnerabilities in your attack surface without waiting for a scan. Leverage Skybox Research Lab's vulnerability and threat intelligence, and automatically correlate it to your unique environment. With network modeling and advanced simulations, pinpoint exposed vulnerabilities and other attack vectors. And use context to prioritize vulnerabilities in terms of actual risk and respond to threats with accuracy and efficiency.

    For more information or to view a demo, visit www.skyboxsecurity.com.

    Tufin enables organizations to automate their security policy visibility, risk management, provisioning and compliance across their multi-vendor, hybrid environment. Customers gain visibility and control across their network, ensure continuous compliance with security standards and embed security enforcement into workflows and development pipelines. 

    Sample Customers
    ADP, Blue Cross Blue Shield, BT, USAID, Delta Dental, EDF Energy, EMC, HSBC, Johnson & Johnson
    3M, AT&T, Blue Cross Blue Shield, BNP Parabas, ConocoPhillips, Deutsche Bank, GE, IBM, Pfizer, United States Postal Service 
    Top Industries
    REVIEWERS
    Financial Services Firm16%
    Outsourcing Company16%
    Comms Service Provider16%
    Insurance Company11%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm17%
    Manufacturing Company9%
    Government6%
    REVIEWERS
    Financial Services Firm26%
    Comms Service Provider11%
    Healthcare Company7%
    Retailer7%
    VISITORS READING REVIEWS
    Financial Services Firm18%
    Computer Software Company17%
    Manufacturing Company7%
    Retailer6%
    Company Size
    REVIEWERS
    Small Business50%
    Midsize Enterprise10%
    Large Enterprise40%
    VISITORS READING REVIEWS
    Small Business19%
    Midsize Enterprise12%
    Large Enterprise68%
    REVIEWERS
    Small Business14%
    Midsize Enterprise7%
    Large Enterprise79%
    VISITORS READING REVIEWS
    Small Business16%
    Midsize Enterprise15%
    Large Enterprise70%
    Buyer's Guide
    Skybox Security Suite vs. Tufin Orchestration Suite
    March 2024
    Free Report: Skybox Security Suite vs. Tufin Orchestration Suite
    Find out what your peers are saying about Skybox Security Suite vs. Tufin Orchestration Suite and other solutions. Updated: March 2024.
    DOWNLOAD NOW
    771,157 professionals have used our research since 2012.

    Skybox Security Suite is ranked 6th in Firewall Security Management with 34 reviews while Tufin Orchestration Suite is ranked 2nd in Firewall Security Management with 180 reviews. Skybox Security Suite is rated 7.8, while Tufin Orchestration Suite is rated 8.0. The top reviewer of Skybox Security Suite writes "Efficient in vulnerability management, stable and easy to use ". On the other hand, the top reviewer of Tufin Orchestration Suite writes "A flexible, very secure solution that works well in Layer 2 environments". Skybox Security Suite is most compared with AlgoSec, FireMon Security Manager, Palo Alto Networks Panorama, RedSeal and Qualys VMDR, whereas Tufin Orchestration Suite is most compared with AlgoSec, FireMon Security Manager, Palo Alto Networks Panorama, ManageEngine Firewall Analyzer and Cisco Defense Orchestrator. See our Skybox Security Suite vs. Tufin Orchestration Suite report.

    See our list of best Firewall Security Management vendors.

    We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.