Try our new research platform with insights from 80,000+ expert users

RedSeal vs Tufin Orchestration Suite comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Average Rating
9.6
Reviews Sentiment
8.1
Number of Reviews
2
Ranking in other categories
Vulnerability Management (27th), Continuous Threat Exposure Management (CTEM) (6th)
RedSeal
Average Rating
8.2
Reviews Sentiment
7.5
Number of Reviews
9
Ranking in other categories
Risk-Based Vulnerability Management (19th)
Tufin Orchestration Suite
Average Rating
8.0
Reviews Sentiment
7.3
Number of Reviews
183
Ranking in other categories
Firewall Security Management (2nd)
 

Mindshare comparison

Risk-Based Vulnerability Management
Firewall Security Management
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
Sajid Mukhtar - PeerSpot reviewer
Provides a graphical overview of our network and is easy to deploy, but needs a user-friendly interface and a feature for compliance audit policy
Sometimes, it required us to refresh the configuration. When we integrated any of the configurations into the device, sometimes, it could not detect the exact picture of that device. So, we had to reset the device to see that if it was giving true-positive results or false-positive results. In some cases, we were not able to get true-positive results. There was some kind of bug in that version. Its interface is not user-friendly and needs to be improved. It takes time to understand the interface and various options. Skybox has quite a user-friendly interface. They could provide a feature for compliance audit policy if it is already not there. A compliance audit policy ensures that all configurations are based on the best practices standards, such as CIS benchmarks standard or other similar standards. It provides visibility about whether your device configuration is based on best practices or not. Usually, such a feature is provided by other solutions such as Meteor or Tenable Nessus.
MithatBulut - PeerSpot reviewer
New employees can quickly grasp the various IPs, devices, and the network's logical and physical
Tufin is primarily used to orchestrate and manage network traffic and firewall devices. It is specifically useful for implementing firewall policies and handling requests from clients that require policy updates or changes Tufin simplifies understanding network topology. New employees can quickly…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Zafran is an excellent tool."
"Zafran has become an indispensable tool in our cybersecurity arsenal."
"RedSeal integrates the network and gives us a visual or graphical overview of our network. If an organization is geographically dispersed, for instance, with one office in Canada and one office in the Philippines, the whole network, including all devices, is integrated into RedSeal, and you can see from where the traffic is going in and out."
"This is the only solution in the world that gives you a digital resilience score."
"The most valuable features are network mapping and configuration."
"RedSeal has different modules, such as the Analyzer module, which can be leveraged."
"The change workflow process is very easy to customize. You can do a workflow however you want, so you can have an approval every single step. Or, you can remove approvals on certain steps, automating some steps."
"The Automatic Policy Generator saves time because we are able to identify the required policy when a client doesn't know what he needs."
"The stability is bulletproof."
"The designer gives the ability to know where to add a rule, or if the rule is already in place."
"The visibility is very good. We have managers who are overseeing it, and they are approving things through it."
"The most valuable feature of Tufin is security auditing. We are able to check the rules and compliance of the company, for example, what is allowed or not. We are able to check the rules over different gateways and set over firewalls."
"We have a better view of our compliance status."
"The change workflow process is flexible and customizable... If we have a firewall completed and we want to redo it, if we need to re-engineer a particular firewall and open a different destination, we can do that by creating a break-fix... That is one of its useful tools."
 

Cons

"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"There is room for improvement in integrating the OT security part and the private 5G security part in RedSeal."
"Sometimes, it required us to refresh the configuration. When we integrated any of the configurations into the device, sometimes, it could not detect the exact picture of that device. So, we had to reset the device to see that if it was giving true-positive results or false-positive results. In some cases, we were not able to get true-positive results. There was some kind of bug in that version. Its interface is not user-friendly and needs to be improved. It takes time to understand the interface and various options. Skybox has quite a user-friendly interface. They could provide a feature for compliance audit policy if it is already not there. A compliance audit policy ensures that all configurations are based on the best practices standards, such as CIS benchmarks standard or other similar standards. It provides visibility about whether your device configuration is based on best practices or not. Usually, such a feature is provided by other solutions such as Meteor or Tenable Nessus."
"One of the areas of concern is the GUI. It is important to our customers that the GUI looks beautiful. It's a Java Client, so you have a Java dependency."
"The dashboard should be improved to make correlating data easier to do."
"The initial setup was complex. We have a big environment which contributed to the setup's complexity."
"While Tufin is suitable for small businesses, issues can arise in larger enterprises, particularly concerning policy-based forwarding and NAT traffic."
"Integration for Layer 2 devices could be improved because it requires manual scripting."
"I would like to see better report integration in this solution."
"There is room for improvement in the speed of Tufin. It is using so many of my VM resources and yet it is still a bit slow... Even though we are allocating 130 gigs of RAM, we still have to wait for a few minutes for a single report to be generated. Otherwise it would be a perfect tool."
"The firewall management is complex for beginners."
"When it comes to web services, in my experience, Tomcat has always gone down; after a certain amount of load it breaks down and we have to get things restored again."
"We had a discussion in the Customer Advisory Board yesterday around use of SecureChange. We would like to have an opportunity for an engineer to choose if you want to make or take the policy which has been suggested by the designer functionality, making it more human readable or less human readable (more or less granular). This would be huge for the customers who are using SecureChange. They said this was one of their issues with it, especially for anything that was going into a regulator's or auditor's hands. The more human readable, the better that it would be, and this would definitely be applicable to our industry. It sounds like they are working on this issue, or they took the feedback, but that would be a big one for us in being able to make the jump to SecureChange."
 

Pricing and Cost Advice

Information not available
"The pricing is based on the number of endpoints and devices, and we have seen it range from mid-five figures to low six figures."
"Tuffin is expensive, and we have to explain to our customers the benefit for them to purchase. If we explain the benefits in the correct way they do not mind the price. We typically do costing for the customer for three to five years. We make the general total cost of ownership at the beginning of a project for our customers."
"It's quite an expensive solution."
"Our evaluation showed that Tufin's features were on par with AlgoSec, but Tufin was the better financial choice."
"Our licensing fees are approximately $100,000 USD yearly."
"There is no issue with the pricing because we used a VM. That kept the cost low, as compared to an appliance."
"Our licensing costs are three million total and then we pay for maintenance, which is an additional cost for three years."
"Our licensing costs are pretty low. We were grandfathered in, so we are at about $35,000 per year."
"We've seen a decrease of about 50 percent in the overall time it takes to complete a firewall change."
report
Use our free recommendation engine to learn which Risk-Based Vulnerability Management solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
11%
University
6%
Retailer
6%
Government
24%
Computer Software Company
13%
Energy/Utilities Company
7%
Retailer
7%
Financial Services Firm
19%
Computer Software Company
15%
Manufacturing Company
10%
Retailer
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
Pricing for Zafran Security is not expensive. We have a contract for five years, and the cost is lower than other too...
What needs improvement with Zafran Security?
I would like to see an integration with Check Point firewalls. It's essential for us and they are currently working o...
What is your primary use case for Zafran Security?
We use Zafran Security for threat prioritization. We establish priority to understand which risks should be patched o...
What needs improvement with RedSeal?
There is room for improvement in integrating the OT security part and the private 5G security part in RedSeal.
What is your primary use case for RedSeal?
The primary use cases for RedSeal are lifecycle management, vulnerabilities, and change management. Customers might l...
What do you like most about Tufin SecureCloud?
The most valuable feature of Tufin is security auditing. We are able to check the rules and compliance of the company...
What needs improvement with Tufin SecureCloud?
The design needs improvement, particularly in recognizing target devices and target files. Additionally, there's a ne...
What is your primary use case for Tufin SecureCloud?
My primary use case involves applying firewall policies faster from a central point. Additionally, I would like to us...
 

Also Known As

No data available
No data available
Tufin SecureCloud
 

Overview

 

Sample Customers

Information Not Available
United States Postal Service, Pacific Gas and Electric Co., Interval International
3M, AT&T, Blue Cross Blue Shield, BNP Parabas, ConocoPhillips, Deutsche Bank, GE, IBM, Pfizer, United States Postal Service 
Find out what your peers are saying about Tenable, Qualys, Rapid7 and others in Risk-Based Vulnerability Management. Updated: March 2025.
844,944 professionals have used our research since 2012.