Try our new research platform with insights from 80,000+ expert users

AWS Firewall Manager vs Tufin Orchestration Suite comparison

Amazon Web Services (AWS) and Tufin are both solutions in the Firewall Security Management category. Amazon Web Services (AWS) is ranked #9 with an average rating of 8.3, while Tufin is ranked #2 with an average rating of 8.0. Amazon Web Services (AWS) holds a 3.3% mindshare in Firewall Security Management, compared to Tufin’s 21.0% mindshare. Additionally, 100% of Amazon Web Services (AWS) users are willing to recommend the solution, compared to 91% of Tufin users who would recommend it.
AWS Firewall Manager
Read 11 AWS Firewall Manager reviews
  • 951 Views
  • 951 Comparison Views
100% willing to recommend
Tufin Orchestration Suite
Read 182 Tufin Orchestration Suite reviews
  • 6,117 Views
  • 5,628 Comparison Views
91% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Nov 4, 2024

Tufin Orchestration Suite and AWS Firewall Manager compete in the network security management category. Tufin Orchestration Suite seems to have the upper hand with its ability to manage multi-vendor environments and provide detailed policy analysis.

Features: Tufin Orchestration Suite includes SecureTrack for rule implementation and audit compliance, SecureChange for automated workflow management, and multi-vendor support for unified security management. It allows detailed network analysis supporting various firewall configurations. AWS Firewall Manager offers robust automation for policy management, easy integration within the AWS ecosystem, and cloud-native security features that simplify AWS resource protection.

Room for Improvement: Tufin Orchestration Suite could improve its topology visualization, expand support for additional security devices, and enhance third-party tool integration. Users express a need for a more user-friendly interface and flexible reporting options. AWS Firewall Manager would benefit from better documentation, expanded logging capabilities, and greater feature customization to enhance its functionality outside AWS environments.

Ease of Deployment and Customer Service: Tufin Orchestration Suite primarily deploys on-premises, supporting hybrid and private cloud setups, offering significant control but with complex deployment. Customer service is mostly praised, although experiences vary. AWS Firewall Manager is straightforward to deploy in public and hybrid cloud environments, ideal for AWS users, with generally well-regarded customer service, though improved non-AWS integration support is desired.

Pricing and ROI: Tufin Orchestration Suite is priced higher due to its extensive features, but it promises strong ROI through process simplification. Its complex licensing is based on device support. AWS Firewall Manager offers flexible cost governance but might be considered costly by some due to its pay-as-you-go model, yet it provides agility in cloud settings. Both tools enhance ROI by streamlining security operations, catering to different needs and scales.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed AWS Firewall Manager vs. Tufin Orchestration Suite Report (Updated: December 2025).
Buyer's Guide
AWS Firewall Manager vs. Tufin Orchestration Suite
December 2025
Download the complete report
Helped 880,511 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

AWS Firewall Manager
Ranking in Firewall Security Management
9th
Average Rating
8.0
Reviews Sentiment
7.1
Number of Reviews
11
Ranking in other categories
No ranking in other categories
Tufin Orchestration Suite
Ranking in Firewall Security Management
2nd
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
182
Ranking in other categories
AI Observability (78th)
 

Mindshare comparison

As of January 2026, in the Firewall Security Management category, the mindshare of AWS Firewall Manager is 3.3%, down from 5.1% compared to the previous year. The mindshare of Tufin Orchestration Suite is 21.0%, down from 21.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Firewall Security Management Market Share Distribution
ProductMarket Share (%)
Tufin Orchestration Suite21.0%
AWS Firewall Manager3.3%
Other75.7%
Firewall Security Management
 

Featured Reviews

Venda E - PeerSpot reviewer
Venda E
Cloud Option Engineer at a tech vendor with 10,001+ employees
Centralized security policies have streamlined audits and ensure consistent protection by default
One area for improvement is the reporting and customization option. The compliance reports are helpful, but having more granular insights or export options would make it even easier to use during audits. Also, support for more third-party integration could improve flexibility. Another improvement I need to see is a smoother setup experience. Some of the initial configuration steps, especially around the organization and permissions, can feel complex. A more guided setup or clear UI explanation would make it easier for teams to adopt quickly. One more improvement would be better alerting options. Right now, we mostly rely on AWS Security Hub or CloudWatch for detailed alerts. Having more built-in, real-time notification directly from AWS Firewall Manager would make it easier to monitor policy violations without extra setup.
Read full review
reviewer2688339 - PeerSpot reviewer
reviewer2688339
Works
Vulnerability control saves audit costs and reduces expenses for organizations
Tufin Orchestration Suite is not commonly used in Thailand due to a lack of local support, and many customers are switching to AlgoSec or other vendors. The analytics features of Tufin Orchestration Suite are challenging to use and require technical expertise, which is a concern as there is not much knowledge in this field in Thailand. The issue of technical knowledge, especially regarding English language proficiency, is significant for government and some companies, making Tufin Orchestration Suite harder to use.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is scaling, which allows you to deploy one configuration and scan and deploy it across the network. The automated policy application feature also streamlines security operations."
"Also, the strength of the community is invaluable."
"Once this solution is set up, we hardly have to touch it."
"The interface is intuitive and it is easy for the users."
"It is helpful for our compliance, as the compliance manager manages compliance with leading industry standards such as FedRAMP, which my company complies with, GDPR laws, and ISO 27001."
"Overall, it improved our security posture and made audits much easier."
"It has centralized cloud firewall management rules. It provides compliance in tracking and reporting."
"AWS Firewall Manager isn't a separate solution when you create the virtual private cloud (VPC), so you can control the traffic through that security group."
More AWS Firewall Manager pros
"One of the things that came up this week was the ability to decommission a server, which we thought was interesting. We had a workshop recently that talked about all the things that need to be thought about when managing firewalls. People said, "A lot of times, things get forgotten when you are decommissioning a server." E.g., making sure rules are taken away and taking out the rule set. The fact that there is an automated workload for that can be helpful."
"We can get reports with Tufin at anytime. We can have automated reports, even with security and compliance."
"It has helped us to meet our compliance mandates. We have some requirements that we need to provide more visibility on the risk levels of our firewall base and Tufin helped us with that requirement."
"The most valuable feature is that it extends security entries in the firewall policies."
"The change workflow process is flexible and customizable. We have one guy who has never logged into Tufin ever in his life. He sits down and in 30 minutes had written an automation routine, then went back and changed it. He did that with no training. For me, that is a major benefit."
"The change workflow process is flexible and customizable... If we have a firewall completed and we want to redo it, if we need to re-engineer a particular firewall and open a different destination, we can do that by creating a break-fix... That is one of its useful tools."
"It's hard to pick the most valuable feature. All of them are valuable, they're all critical for us... ChangeTrack obviously has a lot of very good features, like the risk analysis, the USP, and the Policy Browser."
"It is very stable."
More Tufin Orchestration Suite pros
 

Cons

"This solution is suitable for a small-scale enterprise and may not scale up to a very high volume of traffic or a large number of servers."
"I would like to see AWS add some UTM features to the firewall. It would also be great if AWS Firewall had native IPS/IDS. They have the separate IPS/IDS, GuardDuty."
"The system should be more customizable."
"The product could benefit from improvements in the user interface and integration capabilities."
"For AWS WAF, we have seen cases where it allowed suspicious HTTPS headers even if they carried malicious payloads."
"It needs to be more employee-friendly, and the security management could be more efficient."
"The areas of improvement are definitely platform resiliency, as we have seen outages on the AWS backbone, and whenever there is an outage on the AWS backbone, it impacts all the services hosted on that region, so we expect regional resiliency."
"Enabling and configuring the logging is not that straightforward."
More AWS Firewall Manager cons
"Customizing it can be a little tricky, but that depends on your use cases."
"We had a discussion in the Customer Advisory Board yesterday around use of SecureChange. We would like to have an opportunity for an engineer to choose if you want to make or take the policy which has been suggested by the designer functionality, making it more human readable or less human readable (more or less granular). This would be huge for the customers who are using SecureChange. They said this was one of their issues with it, especially for anything that was going into a regulator's or auditor's hands. The more human readable, the better that it would be, and this would definitely be applicable to our industry. It sounds like they are working on this issue, or they took the feedback, but that would be a big one for us in being able to make the jump to SecureChange."
"There's a need for an improved network map."
"A limitation right now for compressed firewalls is the limited ability to see above a site level in terms of the Topology Mapping in the policy display. While Tufin's actively working on a solution, or at least they have this in the queue, from being able to view this on a higher level and how all of our site networks are connected, this ability would be useful, as we expect to have these compressed firewalls in place for quite some time."
"The design needs improvement, particularly in recognizing target devices and target files. Additionally, there's a need for an improved network map."
"I don't get the full visibility. There are a lot of improvements which can be done in terms of visibility."
"The product should integrate with the UTM features."
"We need to implement micro-segmentation in our infrastructure, and we are using Cisco ACI. However, we are facing an issue with Tufin, as it does not currently support integration with ACI for micro-segmentation, even though it is advertised as such."
More Tufin Orchestration Suite cons
 

Pricing and Cost Advice

"The AWS Firewall Manager is a little on the costly side."
"The licensing is on a pay-as-you-go basis and we are billed monthly."
"From what I've heard from my colleagues, it appears that the pricing is competitive, which influenced our decision to choose this option."
"It is a cost-efficient product."
"The licensing costs are around $250,000 to $300,000."
"The seller of Tufin, when I wanted the solution, was very flexible because the cost on the lease was very high in Latin America. So, he was able to reduce the cost."
"Tuffin is expensive, and we have to explain to our customers the benefit for them to purchase. If we explain the benefits in the correct way they do not mind the price. We typically do costing for the customer for three to five years. We make the general total cost of ownership at the beginning of a project for our customers."
"We are seeing ROI in terms of having SecureApp."
"It's not that expensive, except for Security Groups. For us, just the Security Groups were about half of the total price. The total was about €500,000 a year, of which €200,000 was for Security Groups."
"We've seen a decrease of about 50 percent in the overall time it takes to complete a firewall change."
"The price is on the cheaper side."
"There is no issue with the pricing because we used a VM. That kept the cost low, as compared to an appliance."
More Tufin Orchestration Suite pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Firewall Security Management solutions are best for your needs.
See recommendations
880,511 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
9%
Computer Software Company
7%
Comms Service Provider
7%
Manufacturing Company
7%
Financial Services Firm
15%
Manufacturing Company
12%
Computer Software Company
12%
Educational Organization
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business5
Large Enterprise8
By reviewers
Company SizeCount
Small Business29
Midsize Enterprise13
Large Enterprise152
 

Questions from the Community

What is your experience regarding pricing and costs for AWS Firewall Manager?
AWS licenses in general are expensive, as the overall suite of services that we buy from AWS goes in the range of tens of million dollars. The services we get are value for money; AWS has a pay-as-...
See all answers
What needs improvement with AWS Firewall Manager?
The areas of improvement are definitely platform resiliency, as we have seen outages on the AWS backbone, and whenever there is an outage on the AWS backbone, it impacts all the services hosted on ...
See all answers
What is your primary use case for AWS Firewall Manager?
We host our applications on the AWS platform, and to secure our boundaries, we are using AWS Firewall Manager, Web Application Firewall, and AWS Shield Advanced.
See all answers
What needs improvement with Tufin SecureCloud?
Tufin Orchestration Suite ( /products/tufin-orchestration-suite-reviews ) is not commonly used in Thailand due to a lack of local support, and many customers are switching to AlgoSec or other vendo...
See all answers
What is your primary use case for Tufin SecureCloud?
I have primarily used Skybox and AlgoSec ( /products/algosec-reviews ). I have also interacted with FireMon for compiling. However, I am not currently working with ACA, and I don't have any project...
See all answers
What advice do you have for others considering Tufin SecureCloud?
There is potential for improvement in explaining the analytics in the dashboard for Tufin Orchestration Suite. Tufin Orchestration Suite does provide good monitoring; however, interpreting the grap...
See all answers
 

Comparisons

Fortinet FortiGate Cloud vs AWS Firewall Manager Logo
Fortinet FortiGate Cloud vs AWS Firewall Manager
Compared 42% of the time
Palo Alto Networks Panorama vs AWS Firewall Manager Logo
Palo Alto Networks Panorama vs AWS Firewall Manager
Compared 14% of the time
AlgoSec vs AWS Firewall Manager Logo
AlgoSec vs AWS Firewall Manager
Compared 9% of the time
Skybox Security Suite vs AWS Firewall Manager Logo
Skybox Security Suite vs AWS Firewall Manager
Compared 8% of the time
FireMon Security Manager vs AWS Firewall Manager Logo
FireMon Security Manager vs AWS Firewall Manager
Compared 7% of the time
More AWS Firewall Manager Competitors
FireMon Security Manager vs Tufin Orchestration Suite Logo
FireMon Security Manager vs Tufin Orchestration Suite
Compared 33% of the time
AlgoSec vs Tufin Orchestration Suite Logo
AlgoSec vs Tufin Orchestration Suite
Compared 33% of the time
Skybox Security Suite vs Tufin Orchestration Suite Logo
Skybox Security Suite vs Tufin Orchestration Suite
Compared 12% of the time
Palo Alto Networks Panorama vs Tufin Orchestration Suite Logo
Palo Alto Networks Panorama vs Tufin Orchestration Suite
Compared 3% of the time
Wiz vs Tufin Orchestration Suite Logo
Wiz vs Tufin Orchestration Suite
Compared 1% of the time
More Tufin Orchestration Suite Competitors
 

Product Reports

Buyer's Guide
AWS Firewall Manager
January 2026
AWS Firewall Manager reportDownload AWS Firewall Manager product report
Buyer's Guide
Tufin Orchestration Suite
December 2025
Tufin Orchestration Suite reportDownload Tufin Orchestration Suite product report
 

Also Known As

No data available
Tufin SecureCloud
 

Overview

AWS Firewall Manager is a security management service which allows you to centrally configure and manage firewall rules across your accounts and applications in AWS Organization. As new applications are created, Firewall Manager makes it easy to bring new applications and resources into compliance by enforcing a common set of security rules. Now you have a single service to build firewall rules, create security policies, and enforce them in a consistent, hierarchical manner across your entire infrastructure.

Using AWS Firewall Manager, you can easily roll out AWS WAF rules for your Application Load Balancers, API Gateways, and Amazon CloudFront distributions. Similarly, you can create AWS Shield Advanced protections for your Application Load Balancers, ELB Classic Load Balancers, Elastic IP Addresses and CloudFront distributions. Finally, with AWS Firewall Manager, you can enable security groups for your Amazon EC2 and ENI resource types in Amazon VPCs.

Amazon Web Services (AWS)

Tufin enables organizations to automate their security policy visibility, risk management, provisioning and compliance across their multi-vendor, hybrid environment. Customers gain visibility and control across their network, ensure continuous compliance with security standards and embed security enforcement into workflows and development pipelines. 

Tufin
 

Sample Customers

Expedia, Intuit, Royal Dutch Shell, Brooks Brothers
3M, AT&T, Blue Cross Blue Shield, BNP Parabas, ConocoPhillips, Deutsche Bank, GE, IBM, Pfizer, United States Postal Service 
Buyer's Guide
AWS Firewall Manager vs. Tufin Orchestration Suite
December 2025
Free Report: AWS Firewall Manager vs. Tufin Orchestration Suite
Find out what your peers are saying about AWS Firewall Manager vs. Tufin Orchestration Suite and other solutions. Updated: December 2025.
DOWNLOAD NOW
880,511 professionals have used our research since 2012.
See our AWS Firewall Manager vs. Tufin Orchestration Suite report.
See our list of best Firewall Security Management vendors.

We monitor all Firewall Security Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.