No more typing reviews! Try our Samantha, our new voice AI agent.

AWS Firewall Manager vs Tufin Orchestration Suite comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Firewall Manager
Ranking in Firewall Security Management
6th
Average Rating
8.0
Reviews Sentiment
7.1
Number of Reviews
12
Ranking in other categories
No ranking in other categories
Tufin Orchestration Suite
Ranking in Firewall Security Management
2nd
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
182
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Firewall Security Management category, the mindshare of AWS Firewall Manager is 3.6%, down from 3.8% compared to the previous year. The mindshare of Tufin Orchestration Suite is 16.9%, down from 22.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewall Security Management Mindshare Distribution
ProductMindshare (%)
Tufin Orchestration Suite16.9%
AWS Firewall Manager3.6%
Other79.5%
Firewall Security Management
 

Featured Reviews

Venda E - PeerSpot reviewer
Cloud Option Engineer at a tech vendor with 10,001+ employees
Centralized security policies have streamlined audits and ensure consistent protection by default
One area for improvement is the reporting and customization option. The compliance reports are helpful, but having more granular insights or export options would make it even easier to use during audits. Also, support for more third-party integration could improve flexibility. Another improvement I need to see is a smoother setup experience. Some of the initial configuration steps, especially around the organization and permissions, can feel complex. A more guided setup or clear UI explanation would make it easier for teams to adopt quickly. One more improvement would be better alerting options. Right now, we mostly rely on AWS Security Hub or CloudWatch for detailed alerts. Having more built-in, real-time notification directly from AWS Firewall Manager would make it easier to monitor policy violations without extra setup.
Vulnerability control saves audit costs and reduces expenses for organizations
Tufin Orchestration Suite is not commonly used in Thailand due to a lack of local support, and many customers are switching to AlgoSec or other vendors. The analytics features of Tufin Orchestration Suite are challenging to use and require technical expertise, which is a concern as there is not much knowledge in this field in Thailand. The issue of technical knowledge, especially regarding English language proficiency, is significant for government and some companies, making Tufin Orchestration Suite harder to use.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We work with compliance monitoring in the product, which is helpful for identifying framework-based misconfigurations, as it can tell you where to deploy firewall policies based on the frameworks."
"Also, the strength of the community is invaluable."
"My advice for anybody who is considering the AWS Firewall Manager is that it is pretty simple to set up and easy to use."
"It has centralized cloud firewall management rules. It provides compliance in tracking and reporting."
"Overall, it improved our security posture and made audits much easier."
"The product is highly reliable."
"It is helpful for our compliance, as the compliance manager manages compliance with leading industry standards such as FedRAMP, which my company complies with, GDPR laws, and ISO 27001."
"The most valuable feature is scaling, which allows you to deploy one configuration and scan and deploy it across the network. The automated policy application feature also streamlines security operations."
"Tufin provides a very comprehensive solution and anyone looking to go down the path of automation should not look any further because Tufin will be able to meet their requirements and scale out really effectively."
"One of the things that came up this week was the ability to decommission a server, which we thought was interesting. We had a workshop recently that talked about all the things that need to be thought about when managing firewalls. People said, "A lot of times, things get forgotten when you are decommissioning a server." E.g., making sure rules are taken away and taking out the rule set. The fact that there is an automated workload for that can be helpful."
"The firewall remediation and compliance pieces are the most valuable features."
"I had been impressed with the depth of capabilities within SecureTrack, particularly, in terms of generating insights for a user and firewall operator. With SecureTrack, I've been impressed with the level of flexibility with workflow design and its ability to generate different work streams and flows through the tool that are customized for our organization processes."
"The change workflow process is flexible and customizable. I was really impressed with it. It's pretty easy. You can add automatic validation steps. Depending on the security matrix, you can pre-allow whatever flow you want."
"It's very solid product."
"The biggest thing is regarding the automation that it allows our customers to do at the end of the day so that they can go and scale their environment a lot more than they could in the past."
"The reason that we purchased the solution is because of the visibility that it provides."
 

Cons

"AWS Firewall Manager should be open to manage other third-party appliances as well."
"The system should be more customizable."
"One area for improvement is the reporting and customization option."
"For AWS WAF, we have seen cases where it allowed suspicious HTTPS headers even if they carried malicious payloads."
"AWS Firewall Manager could be improved with more granular policy customization for better visibility through enhanced dashboards and reporting."
"In AWS, there are so many features that many users get confused about what to use and what not to use."
"They could consider organizing and enhancing documentation in a more structured and chronological manner"
"I would like to see AWS add some UTM features to the firewall. It would also be great if AWS Firewall had native IPS/IDS. They have the separate IPS/IDS, GuardDuty."
"I would like see the workflow process expand out to give us the ability to tie it to other APIs."
"We want to have the ability for a ticket requester to add somebody, or to give somebody view rights to their ticket."
"It seems to be stuck between the usability of a browser-based application and a full application."
"The scalability is bad."
"It's still challenging in some cases to get it integrated with other systems."
"The metrics need improvement. They need more consistency or understanding of automation, along lines of customization of automation."
"We have had a couple issues with the VMs, but I think it was just because they were starving for resources. A recommendation on what the virtual appliances should have for resources would be appreciated."
"The topology needs improvement. If I click on the network tab, I can go get a cup of coffee, come back, and my topology is still not painted. Maybe, it's just because we have so many devices, but looking at the topology, it is too slow. The problem is that when I click on the network tab, I do not want to see the topology. I want to click on the "Next" button, so I can put in the source and destination, so I can see the path. However, I still have to sit there and wait for the topology to load, and it's frustrating. I'll click on topology and try to click that "Next" button in time to where I can get around it. But, typically, you have to wait for that topology to paint. When it paints it, it's just a bunch of black smudges because there is just so much there. It can't paint it to where you see something. I can always zoom out, or something like that, but it's really worthless."
 

Pricing and Cost Advice

"From what I've heard from my colleagues, it appears that the pricing is competitive, which influenced our decision to choose this option."
"It is a cost-efficient product."
"The licensing is on a pay-as-you-go basis and we are billed monthly."
"The AWS Firewall Manager is a little on the costly side."
"Because we're quite a large company, the price wasn't too much of a factor for us."
"This solution helps us reduce the time it takes us to make changes. We're probably saving time by 25%."
"Our licensing costs are pretty low. We were grandfathered in, so we are at about $35,000 per year."
"The solution is more reasonably priced than its competitors."
"Our licensing fees are more than $100,000 USD per year."
"The solution has helped us to reduce the time it takes to make changes. With Tufin, it takes ten to 15 minutes. Before, it was 30 minutes or more."
"Tufin and AlgoSec were pretty much in the competitive price range, but this one provided us better integration into the Check Point environment."
"We have seen ROI from the side of operations, and we'll probably get to more of that as time goes on. However it took a while to get to that point."
report
Use our free recommendation engine to learn which Firewall Security Management solutions are best for your needs.
903,996 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Comms Service Provider
11%
Manufacturing Company
9%
Construction Company
7%
Healthcare Company
6%
Financial Services Firm
17%
Manufacturing Company
12%
Construction Company
9%
Computer Software Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise1
Large Enterprise8
By reviewers
Company SizeCount
Small Business29
Midsize Enterprise13
Large Enterprise153
 

Questions from the Community

What is your experience regarding pricing and costs for AWS Firewall Manager?
The pricing is reasonable and follows a pay-as-you-go model, which makes it cost-effective for scaling the environment. There is no significant setup cost since the native AWS services and licensin...
What needs improvement with AWS Firewall Manager?
AWS Firewall Manager could be improved with more granular policy customization for better visibility through enhanced dashboards and reporting. Simplifying the initial setup and providing clearer d...
What is your primary use case for AWS Firewall Manager?
My primary use case for AWS Firewall Manager is to centrally manage and enforce security policies across the multiple AWS accounts and resources within our organization. It helps to streamline the ...
What needs improvement with Tufin SecureCloud?
Tufin Orchestration Suite ( /products/tufin-orchestration-suite-reviews ) is not commonly used in Thailand due to a lack of local support, and many customers are switching to AlgoSec or other vendo...
What is your primary use case for Tufin SecureCloud?
I have primarily used Skybox and AlgoSec ( /products/algosec-reviews ). I have also interacted with FireMon for compiling. However, I am not currently working with ACA, and I don't have any project...
What advice do you have for others considering Tufin SecureCloud?
There is potential for improvement in explaining the analytics in the dashboard for Tufin Orchestration Suite. Tufin Orchestration Suite does provide good monitoring; however, interpreting the grap...
 

Also Known As

No data available
Tufin SecureCloud
 

Overview

 

Sample Customers

Expedia, Intuit, Royal Dutch Shell, Brooks Brothers
3M, AT&T, Blue Cross Blue Shield, BNP Parabas, ConocoPhillips, Deutsche Bank, GE, IBM, Pfizer, United States Postal Service 
Find out what your peers are saying about AWS Firewall Manager vs. Tufin Orchestration Suite and other solutions. Updated: June 2026.
903,996 professionals have used our research since 2012.