AWS Firewall Manager vs Tufin Orchestration Suite comparison

Amazon Web Services (AWS) and Tufin are both solutions in the Firewall Security Management category. Amazon Web Services (AWS) is ranked #9 with an average rating of 8.3, while Tufin is ranked #2 with an average rating of 8.0. Amazon Web Services (AWS) holds a 3.3% mindshare in Firewall Security Management, compared to Tufin’s 21.0% mindshare. Additionally, 100% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 91% of Tufin users who would recommend it.

AWS Firewall Manager

Read 10 AWS Firewall Manager reviews

951 Views
951 Comparison Views

100% willing to recommend

Tufin Orchestration Suite

Read 182 Tufin Orchestration Suite reviews

6,117 Views
5,628 Comparison Views

91% willing to recommend

AWS Firewall Manager

Tufin Orchestration Suite

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Nov 4, 2024

Tufin Orchestration Suite and AWS Firewall Manager compete in the network security management category. Tufin Orchestration Suite seems to have the upper hand with its ability to manage multi-vendor environments and provide detailed policy analysis.

Features: Tufin Orchestration Suite includes SecureTrack for rule implementation and audit compliance, SecureChange for automated workflow management, and multi-vendor support for unified security management. It allows detailed network analysis supporting various firewall configurations. AWS Firewall Manager offers robust automation for policy management, easy integration within the AWS ecosystem, and cloud-native security features that simplify AWS resource protection.

Room for Improvement: Tufin Orchestration Suite could improve its topology visualization, expand support for additional security devices, and enhance third-party tool integration. Users express a need for a more user-friendly interface and flexible reporting options. AWS Firewall Manager would benefit from better documentation, expanded logging capabilities, and greater feature customization to enhance its functionality outside AWS environments.

Ease of Deployment and Customer Service: Tufin Orchestration Suite primarily deploys on-premises, supporting hybrid and private cloud setups, offering significant control but with complex deployment. Customer service is mostly praised, although experiences vary. AWS Firewall Manager is straightforward to deploy in public and hybrid cloud environments, ideal for AWS users, with generally well-regarded customer service, though improved non-AWS integration support is desired.

Pricing and ROI: Tufin Orchestration Suite is priced higher due to its extensive features, but it promises strong ROI through process simplification. Its complex licensing is based on device support. AWS Firewall Manager offers flexible cost governance but might be considered costly by some due to its pay-as-you-go model, yet it provides agility in cloud settings. Both tools enhance ROI by streamlining security operations, catering to different needs and scales.

To learn more, read our detailed AWS Firewall Manager vs. Tufin Orchestration Suite Report (Updated: December 2025).

Buyer's Guide

AWS Firewall Manager vs. Tufin Orchestration Suite

December 2025

Download the complete report

Helped 879,443 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

AWS Firewall Manager

Ranking in Firewall Security Management

9th

Average Rating

8.0

Reviews Sentiment

6.6

Number of Reviews

Ranking in other categories

No ranking in other categories

Tufin Orchestration Suite

Ranking in Firewall Security Management

2nd

Average Rating

8.0

Reviews Sentiment

7.2

Number of Reviews

182

Ranking in other categories

AI Observability (74th)

Mindshare comparison

As of January 2026, in the Firewall Security Management category, the mindshare of AWS Firewall Manager is 3.3%, down from 5.1% compared to the previous year. The mindshare of Tufin Orchestration Suite is 21.0%, down from 21.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Firewall Security Management Market Share Distribution
Product	Market Share (%)
Tufin Orchestration Suite	21.0%
AWS Firewall Manager	3.3%
Other	75.7%

Firewall Security Management

Featured Reviews

ShantanuKhare

Senior IT Auditor at Ernst & Young

Has strengthened compliance management and improved threat detection through real-time security integrations

We work with the compliance monitoring capability in AWS Firewall Manager, and my firm has one level of additional layer of security over the compliance management that AWS Firewall Manager provides, so we implement both of them. It is helpful for our compliance, as the compliance manager manages compliance with leading industry standards such as FedRAMP, which my company complies with, GDPR laws, and ISO 27001. It has an impact on our security policies because it has an inheritance rule where anything implemented on AWS Firewall Manager gets overridden on AWS Organizations, which works on the concept of root organization units. I would assess this feature positively, as we have integrated AWS Firewall Manager with GuardDuty, which provides real-time threat detection and alerts to our teams.

Read full review

reviewer2688339

Works

Vulnerability control saves audit costs and reduces expenses for organizations

Tufin Orchestration Suite is not commonly used in Thailand due to a lack of local support, and many customers are switching to AlgoSec or other vendors. The analytics features of Tufin Orchestration Suite are challenging to use and require technical expertise, which is a concern as there is not much knowledge in this field in Thailand. The issue of technical knowledge, especially regarding English language proficiency, is significant for government and some companies, making Tufin Orchestration Suite harder to use.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Once this solution is set up, we hardly have to touch it."

"The most valuable feature is the centrally managed rule. I also like the central orchestration."

"It has centralized cloud firewall management rules. It provides compliance in tracking and reporting."

"The most valuable feature is scaling, which allows you to deploy one configuration and scan and deploy it across the network. The automated policy application feature also streamlines security operations."

"It is helpful for our compliance, as the compliance manager manages compliance with leading industry standards such as FedRAMP, which my company complies with, GDPR laws, and ISO 27001."

"The product is highly reliable."

"The interface is intuitive and it is easy for the users."

"Also, the strength of the community is invaluable."

More AWS Firewall Manager pros

"It provides a great visibility around the roots: Root implementing which can be done, roots that have changed, and what has been done. So, it's pretty useful when you have an audit going on."

"In our current environment, the most valuable feature from Tufin is their Network Map."

"The most valuable feature of Tufin is rule analysis."

"Our engineers are spending less time on manual processes, specifically for the reporting functionality. For doing the rule cleanup and policy analysis, it would be a nightmare to do that manually. So, it is saving our engineering teams time from not having to do manual log reviews."

"The Automatic Policy Generator saves time because we are able to identify the required policy when a client doesn't know what he needs."

"Tufin has made handling firewall rule request tickets more centralized and easier to manage."

"Tufin is the only multi-vendor firewall tool that is available, and it helps to bring everything together and report on what all of the rules are."

"Tufin simplifies understanding network topology."

More Tufin Orchestration Suite pros

Cons

"Enabling and configuring the logging is not that straightforward."

"AWS Firewall Manager should be open to manage other third-party appliances as well."

"The product could benefit from improvements in the user interface and integration capabilities."

"The areas of improvement are definitely platform resiliency, as we have seen outages on the AWS backbone, and whenever there is an outage on the AWS backbone, it impacts all the services hosted on that region, so we expect regional resiliency."

"For AWS WAF, we have seen cases where it allowed suspicious HTTPS headers even if they carried malicious payloads."

"This solution is suitable for a small-scale enterprise and may not scale up to a very high volume of traffic or a large number of servers."

"The system should be more customizable."

"I would like to see AWS add some UTM features to the firewall. It would also be great if AWS Firewall had native IPS/IDS. They have the separate IPS/IDS, GuardDuty."

More AWS Firewall Manager cons

"I would really like to see a new UI for SecureChange. SecureTrack 2.0 has quite an improvement in the UI and it flows more smoothly. The current SecureTrack and SecureChange are a little blocky, and sometimes loading a tab or a page is required to refresh information. Whereas in SecureTrack 2.0, they're starting to improve on that."

"I haven't seen the cloud integration yet, and I would like to see if we could audit the cloud firewalls, like the cloud-native, Azure, and Amazon. That would be nice. You want one tool to do everything. I don't want to use another tool, or manually go and audit the cloud firewalls."

"It would be great to add a link to Visio to create shapes directly from Tufin, as it has the configuration."

"Currently, we have to get different data from different sections of the site. It would be nice if it was all combined into one."

"I would like to see API access into every aspect of Tufin."

"The change workflow process is getting better. I wish it was a little more customizable. Right now, my biggest issue is that it wants to optimize everything we put in. Sometimes, we need a rule to be more readable, and we want it to go in a specific way. Sometimes, it's difficult to get Tufin to accept that. It wants to optimize and reduce the number of ACLs. On the compliance side, sometimes you just want more ACLs, so it's more readable for an auditor."

"There is room for improvement in the speed of Tufin. It is using so many of my VM resources and yet it is still a bit slow... Even though we are allocating 130 gigs of RAM, we still have to wait for a few minutes for a single report to be generated. Otherwise it would be a perfect tool."

"Lacks ability to create a Terraform that would enable deployment without manual steps."

More Tufin Orchestration Suite cons

Pricing and Cost Advice

"The AWS Firewall Manager is a little on the costly side."

"It is a cost-efficient product."

"The licensing is on a pay-as-you-go basis and we are billed monthly."

"From what I've heard from my colleagues, it appears that the pricing is competitive, which influenced our decision to choose this option."

"This solution helps us reduce the time it takes us to make changes. We're probably saving time by 25%."

"I'm saving 20 man-hours a week, so I am seeing some ROI."

"The solution has helped reduce the time it takes us to make changes. It helps make overall integrated changes immediately. It allows us to cut down at least a few hours in the week in regards to changes and monitoring."

"Tufin reduced the time it takes to solve a problem, which reduces the time of the outage."

"Our engineers are spending less time on manual processes: 20 to 30 hour plus."

"There is no issue with the pricing because we used a VM. That kept the cost low, as compared to an appliance."

"We've seen a decrease of about 50 percent in the overall time it takes to complete a firewall change."

"The seller of Tufin, when I wanted the solution, was very flexible because the cost on the lease was very high in Latin America. So, he was able to reduce the cost."

More Tufin Orchestration Suite pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Firewall Security Management solutions are best for your needs.

See recommendations

879,443 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Financial Services Firm

10%

Computer Software Company

Manufacturing Company

Retailer

Financial Services Firm

15%

Computer Software Company

12%

Manufacturing Company

12%

Educational Organization

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

By reviewers
Company Size	Count
Small Business	5
Large Enterprise	8

By reviewers
Company Size	Count
Small Business	29
Midsize Enterprise	13
Large Enterprise	152

Questions from the Community

What is your experience regarding pricing and costs for AWS Firewall Manager?

AWS licenses in general are expensive, as the overall suite of services that we buy from AWS goes in the range of tens of million dollars. The services we get are value for money; AWS has a pay-as-...

See all answers

What needs improvement with AWS Firewall Manager?

The areas of improvement are definitely platform resiliency, as we have seen outages on the AWS backbone, and whenever there is an outage on the AWS backbone, it impacts all the services hosted on ...

See all answers

What is your primary use case for AWS Firewall Manager?

We host our applications on the AWS platform, and to secure our boundaries, we are using AWS Firewall Manager, Web Application Firewall, and AWS Shield Advanced.

See all answers

What needs improvement with Tufin SecureCloud?

Tufin Orchestration Suite ( /products/tufin-orchestration-suite-reviews ) is not commonly used in Thailand due to a lack of local support, and many customers are switching to AlgoSec or other vendo...

See all answers

What is your primary use case for Tufin SecureCloud?

I have primarily used Skybox and AlgoSec ( /products/algosec-reviews ). I have also interacted with FireMon for compiling. However, I am not currently working with ACA, and I don't have any project...

See all answers

What advice do you have for others considering Tufin SecureCloud?

There is potential for improvement in explaining the analytics in the dashboard for Tufin Orchestration Suite. Tufin Orchestration Suite does provide good monitoring; however, interpreting the grap...

See all answers

Comparisons

Fortinet FortiGate Cloud vs AWS Firewall Manager

Compared 42% of the time

Palo Alto Networks Panorama vs AWS Firewall Manager

Compared 15% of the time

AlgoSec vs AWS Firewall Manager

Compared 10% of the time

Skybox Security Suite vs AWS Firewall Manager

Compared 7% of the time

FireMon Security Manager vs AWS Firewall Manager

Compared 6% of the time

More AWS Firewall Manager Competitors

FireMon Security Manager vs Tufin Orchestration Suite

Compared 33% of the time

AlgoSec vs Tufin Orchestration Suite

Compared 33% of the time

Skybox Security Suite vs Tufin Orchestration Suite

Compared 12% of the time

Palo Alto Networks Panorama vs Tufin Orchestration Suite

Compared 3% of the time

Fortinet FortiGate Cloud vs Tufin Orchestration Suite

Compared 1% of the time

More Tufin Orchestration Suite Competitors

Product Reports

Buyer's Guide

AWS Firewall Manager

January 2026

Download AWS Firewall Manager product report

Buyer's Guide

Tufin Orchestration Suite

December 2025

Download Tufin Orchestration Suite product report

Also Known As

No data available

Tufin SecureCloud

Overview

AWS Firewall Manager is a security management service which allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organization. As new applications are created, Firewall Manager makes it easy to bring new applications and resources into compliance by enforcing a common set of security rules. Now you have a single service to build firewall rules, create security policies, and enforce them in a consistent, hierarchical manner across your entire infrastructure.

Using AWS Firewall Manager, you can easily roll out AWS WAF rules for your Application Load Balancers, API Gateways, and Amazon CloudFront distributions. Similarly, you can create AWS Shield Advanced protections for your Application Load Balancers, ELB Classic Load Balancers, Elastic IP Addresses and CloudFront distributions. Finally, with AWS Firewall Manager, you can enable security groups for your Amazon EC2 and ENI resource types in Amazon VPCs.

Amazon Web Services (AWS)

Tufin enables organizations to automate their security policy visibility, risk management, provisioning and compliance across their multi-vendor, hybrid environment. Customers gain visibility and control across their network, ensure continuous compliance with security standards and embed security enforcement into workflows and development pipelines.

Tufin

Sample Customers

Expedia, Intuit, Royal Dutch Shell, Brooks Brothers

3M, AT&T, Blue Cross Blue Shield, BNP Parabas, ConocoPhillips, Deutsche Bank, GE, IBM, Pfizer, United States Postal Service

Buyer's Guide

AWS Firewall Manager vs. Tufin Orchestration Suite

December 2025

Free Report: AWS Firewall Manager vs. Tufin Orchestration Suite

Find out what your peers are saying about AWS Firewall Manager vs. Tufin Orchestration Suite and other solutions. Updated: December 2025.

DOWNLOAD NOW

879,443 professionals have used our research since 2012.

See our AWS Firewall Manager vs. Tufin Orchestration Suite report.

See our list of best Firewall Security Management vendors.

We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.