No more typing reviews! Try our Samantha, our new voice AI agent.

AWS Firewall Manager vs Tufin Orchestration Suite comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Firewall Manager
Ranking in Firewall Security Management
6th
Average Rating
8.0
Reviews Sentiment
7.1
Number of Reviews
12
Ranking in other categories
No ranking in other categories
Tufin Orchestration Suite
Ranking in Firewall Security Management
2nd
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
182
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Firewall Security Management category, the mindshare of AWS Firewall Manager is 3.6%, down from 3.8% compared to the previous year. The mindshare of Tufin Orchestration Suite is 16.9%, down from 22.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewall Security Management Mindshare Distribution
ProductMindshare (%)
Tufin Orchestration Suite16.9%
AWS Firewall Manager3.6%
Other79.5%
Firewall Security Management
 

Featured Reviews

Venda E - PeerSpot reviewer
Cloud Option Engineer at a tech vendor with 10,001+ employees
Centralized security policies have streamlined audits and ensure consistent protection by default
One area for improvement is the reporting and customization option. The compliance reports are helpful, but having more granular insights or export options would make it even easier to use during audits. Also, support for more third-party integration could improve flexibility. Another improvement I need to see is a smoother setup experience. Some of the initial configuration steps, especially around the organization and permissions, can feel complex. A more guided setup or clear UI explanation would make it easier for teams to adopt quickly. One more improvement would be better alerting options. Right now, we mostly rely on AWS Security Hub or CloudWatch for detailed alerts. Having more built-in, real-time notification directly from AWS Firewall Manager would make it easier to monitor policy violations without extra setup.
Vulnerability control saves audit costs and reduces expenses for organizations
Tufin Orchestration Suite is not commonly used in Thailand due to a lack of local support, and many customers are switching to AlgoSec or other vendors. The analytics features of Tufin Orchestration Suite are challenging to use and require technical expertise, which is a concern as there is not much knowledge in this field in Thailand. The issue of technical knowledge, especially regarding English language proficiency, is significant for government and some companies, making Tufin Orchestration Suite harder to use.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"It is helpful for our compliance, as the compliance manager manages compliance with leading industry standards such as FedRAMP, which my company complies with, GDPR laws, and ISO 27001."
"From a technical perspective, it is a good product."
"AWS Firewall Manager isn't a separate solution when you create the virtual private cloud (VPC), so you can control the traffic through that security group."
"Once this solution is set up, we hardly have to touch it."
"The most valuable feature is scaling, which allows you to deploy one configuration and scan and deploy it across the network. The automated policy application feature also streamlines security operations."
"The product is highly reliable."
"The most valuable feature is the centrally managed rule. I also like the central orchestration."
"My advice for anybody who is considering the AWS Firewall Manager is that it is pretty simple to set up and easy to use."
"The ease of use is the most valuable feature."
"It's given us an easier workflow since we go through the different steps of network validation to make sure that the request coming from the user is technically sound and implementable."
"Tufin is easy to use, which was really important for us."
"The biggest benefit of this is that it allows us to see how security functions as a hole."
"This solution helps us ensure that security policy is followed across our entire hybrid network. You can have a Unified Security Policy which reaches across all networks, so if you are having a change submitted, it doesn't matter if you're enforcing it or not. You can get an alert saying, "This is a violation." That's a value-add."
"The comparison of what changed, along with being able to use the historical data to see if access existed on a specific date in the past and who removed it, makes it a great tool."
"The compliance aspect of the solution is its most valuable aspect."
"The solution is very straightforward to use and makes doing our work easy while being very good at helping us clean up rules."
 

Cons

"It needs to be more employee-friendly, and the security management could be more efficient."
"In AWS, there are so many features that many users get confused about what to use and what not to use."
"The areas of improvement are definitely platform resiliency, as we have seen outages on the AWS backbone, and whenever there is an outage on the AWS backbone, it impacts all the services hosted on that region, so we expect regional resiliency."
"This solution is suitable for a small-scale enterprise and may not scale up to a very high volume of traffic or a large number of servers."
"AWS Firewall Manager could be improved with more granular policy customization for better visibility through enhanced dashboards and reporting."
"AWS Firewall Manager should be open to manage other third-party appliances as well."
"The system should be more customizable."
"One area for improvement is the reporting and customization option."
"It needs better correlation so that it's easier to not have to look for information underneath all the data."
"The integration with different products needs to be improved."
"We would like to have an opportunity for an engineer to choose if you want to make or take the policy which has been suggested by the designer functionality, making it more human readable or less human readable (more or less granular)."
"There are things that could be explained a little better for somebody brand new to this system, which could be helpful, especially if it was in real-time while you were working in the system. Having the ability in real-time to be able to understand search query suggestions would be helpful."
"Well there's parts of the product that we can't use, the SecureChange, the network address translation, and users as it's all very difficult, so we've never managed to use it for that."
"I would like to see better report integration in this solution."
"Currently, we are able to monitor access rules and the operating system of a firewall. It would be great if we can also monitor the configuration of the firewall through Tufin."
"I would like to see them get rid of the REST APIs and use something more modern."
 

Pricing and Cost Advice

"The AWS Firewall Manager is a little on the costly side."
"The licensing is on a pay-as-you-go basis and we are billed monthly."
"From what I've heard from my colleagues, it appears that the pricing is competitive, which influenced our decision to choose this option."
"It is a cost-efficient product."
"Our licensing fees are more than $100,000 USD per year."
"The seller of Tufin, when I wanted the solution, was very flexible because the cost on the lease was very high in Latin America. So, he was able to reduce the cost."
"Our licensing costs are pretty low. We were grandfathered in, so we are at about $35,000 per year."
"The price is on the cheaper side."
"We haven't purchased the license yet for SecureChange. We do have plans to buy it next year."
"There are ways to deploy the license to different types of firewall. However, if we decide to change the physical brand of the firewall, we need to go back to Tufin and modify the licensing. This is a hassle."
"There is a permanent license for devices, but it's not relative to a device itself. Once you purchase 10 licenses for virtual appliances or virtual context, you can put them into different virtual firewalls, but you can reuse these licenses for other devices if you don't need them for the old ones."
"Price could always be better, but there are always consequences."
report
Use our free recommendation engine to learn which Firewall Security Management solutions are best for your needs.
903,933 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Comms Service Provider
11%
Manufacturing Company
9%
Construction Company
7%
Healthcare Company
6%
Financial Services Firm
17%
Manufacturing Company
12%
Construction Company
9%
Computer Software Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise1
Large Enterprise8
By reviewers
Company SizeCount
Small Business29
Midsize Enterprise13
Large Enterprise153
 

Questions from the Community

What is your experience regarding pricing and costs for AWS Firewall Manager?
The pricing is reasonable and follows a pay-as-you-go model, which makes it cost-effective for scaling the environment. There is no significant setup cost since the native AWS services and licensin...
What needs improvement with AWS Firewall Manager?
AWS Firewall Manager could be improved with more granular policy customization for better visibility through enhanced dashboards and reporting. Simplifying the initial setup and providing clearer d...
What is your primary use case for AWS Firewall Manager?
My primary use case for AWS Firewall Manager is to centrally manage and enforce security policies across the multiple AWS accounts and resources within our organization. It helps to streamline the ...
What needs improvement with Tufin SecureCloud?
Tufin Orchestration Suite ( /products/tufin-orchestration-suite-reviews ) is not commonly used in Thailand due to a lack of local support, and many customers are switching to AlgoSec or other vendo...
What is your primary use case for Tufin SecureCloud?
I have primarily used Skybox and AlgoSec ( /products/algosec-reviews ). I have also interacted with FireMon for compiling. However, I am not currently working with ACA, and I don't have any project...
What advice do you have for others considering Tufin SecureCloud?
There is potential for improvement in explaining the analytics in the dashboard for Tufin Orchestration Suite. Tufin Orchestration Suite does provide good monitoring; however, interpreting the grap...
 

Also Known As

No data available
Tufin SecureCloud
 

Overview

 

Sample Customers

Expedia, Intuit, Royal Dutch Shell, Brooks Brothers
3M, AT&T, Blue Cross Blue Shield, BNP Parabas, ConocoPhillips, Deutsche Bank, GE, IBM, Pfizer, United States Postal Service 
Find out what your peers are saying about AWS Firewall Manager vs. Tufin Orchestration Suite and other solutions. Updated: June 2026.
903,933 professionals have used our research since 2012.