Try our new research platform with insights from 80,000+ expert users

RedSeal vs Tufin Orchestration Suite comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Zafran Security
Sponsored
Average Rating
9.6
Reviews Sentiment
8.1
Number of Reviews
2
Ranking in other categories
Vulnerability Management (27th), Continuous Threat Exposure Management (CTEM) (6th)
RedSeal
Average Rating
8.2
Reviews Sentiment
7.5
Number of Reviews
9
Ranking in other categories
Risk-Based Vulnerability Management (19th)
Tufin Orchestration Suite
Average Rating
8.0
Reviews Sentiment
7.3
Number of Reviews
183
Ranking in other categories
Firewall Security Management (2nd)
 

Mindshare comparison

Risk-Based Vulnerability Management
Firewall Security Management
 

Featured Reviews

Israel Cavazos Landini - PeerSpot reviewer
Weekly insights and risk analysis facilitate informed security decisions
I appreciate the weekly insights Zafran provides, which include critical topics for networks and IT security, allowing us to evaluate which insights apply to our environment. The organization score feature is valuable to keep the leadership team updated on how our infrastructure fares security-wise. The applicable risk level versus base risk level feature is beneficial because prior to Zafran, we only used the base risk level, but now understand that risk depends on the asset itself. Zafran is an excellent tool.
Sajid Mukhtar - PeerSpot reviewer
Provides a graphical overview of our network and is easy to deploy, but needs a user-friendly interface and a feature for compliance audit policy
Sometimes, it required us to refresh the configuration. When we integrated any of the configurations into the device, sometimes, it could not detect the exact picture of that device. So, we had to reset the device to see that if it was giving true-positive results or false-positive results. In some cases, we were not able to get true-positive results. There was some kind of bug in that version. Its interface is not user-friendly and needs to be improved. It takes time to understand the interface and various options. Skybox has quite a user-friendly interface. They could provide a feature for compliance audit policy if it is already not there. A compliance audit policy ensures that all configurations are based on the best practices standards, such as CIS benchmarks standard or other similar standards. It provides visibility about whether your device configuration is based on best practices or not. Usually, such a feature is provided by other solutions such as Meteor or Tenable Nessus.
MithatBulut - PeerSpot reviewer
New employees can quickly grasp the various IPs, devices, and the network's logical and physical
Tufin is primarily used to orchestrate and manage network traffic and firewall devices. It is specifically useful for implementing firewall policies and handling requests from clients that require policy updates or changes Tufin simplifies understanding network topology. New employees can quickly…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Zafran has become an indispensable tool in our cybersecurity arsenal."
"Zafran is an excellent tool."
"The most valuable features are network mapping and configuration."
"RedSeal integrates the network and gives us a visual or graphical overview of our network. If an organization is geographically dispersed, for instance, with one office in Canada and one office in the Philippines, the whole network, including all devices, is integrated into RedSeal, and you can see from where the traffic is going in and out."
"RedSeal has different modules, such as the Analyzer module, which can be leveraged."
"This is the only solution in the world that gives you a digital resilience score."
"Tufin Orchestration Suite is a good tool that makes firewall policies faster to implement from a central point, and its support is good."
"The most valuable features are the GUI interface and the API."
"The automated reporting on a regular basis is helping us to be compliant with legal requirements."
"Tufin is quite stable and typically does not require much troubleshooting."
"One of the things that came up this week was the ability to decommission a server, which we thought was interesting. We had a workshop recently that talked about all the things that need to be thought about when managing firewalls. People said, "A lot of times, things get forgotten when you are decommissioning a server." E.g., making sure rules are taken away and taking out the rule set. The fact that there is an automated workload for that can be helpful."
"The most valuable feature is the reporting of our risk poster in our firewall."
"It's hard to pick the most valuable feature. All of them are valuable, they're all critical for us... ChangeTrack obviously has a lot of very good features, like the risk analysis, the USP, and the Policy Browser."
"Comparing the rules and policy browser is valuable to me. It gives me the ability to pull running configs and be able to analyze them without having to go directly into the firewall."
 

Cons

"Initially, we were somewhat concerned about the scalability of Zafran due to our large asset count and the substantial amount of information we needed to process."
"There is room for improvement in integrating the OT security part and the private 5G security part in RedSeal."
"Sometimes, it required us to refresh the configuration. When we integrated any of the configurations into the device, sometimes, it could not detect the exact picture of that device. So, we had to reset the device to see that if it was giving true-positive results or false-positive results. In some cases, we were not able to get true-positive results. There was some kind of bug in that version. Its interface is not user-friendly and needs to be improved. It takes time to understand the interface and various options. Skybox has quite a user-friendly interface. They could provide a feature for compliance audit policy if it is already not there. A compliance audit policy ensures that all configurations are based on the best practices standards, such as CIS benchmarks standard or other similar standards. It provides visibility about whether your device configuration is based on best practices or not. Usually, such a feature is provided by other solutions such as Meteor or Tenable Nessus."
"One of the areas of concern is the GUI. It is important to our customers that the GUI looks beautiful. It's a Java Client, so you have a Java dependency."
"The dashboard should be improved to make correlating data easier to do."
"While Tufin is suitable for small businesses, issues can arise in larger enterprises, particularly concerning policy-based forwarding and NAT traffic."
"I would like the application to have faster response times. E.g., the dashboard may take up to two minutes to load. Or, when we do the topology seating its two and a half hours. I would like to get those times down and increase the efficiency of the product there."
"A limitation right now for compressed firewalls is the limited ability to see above a site level in terms of the Topology Mapping in the policy display. While Tufin's actively working on a solution, or at least they have this in the queue, from being able to view this on a higher level and how all of our site networks are connected, this ability would be useful, as we expect to have these compressed firewalls in place for quite some time."
"We use a lot of inline rules, and it would be beneficial to see those from within Tufin."
"The GUI needs more visibility in terms of licensing because it is hard to tell which products and licensed and which are not."
"I think that the interface could be cleaner, and easier to use."
"We found some bugs on the software, but we're working with tech support to fix them."
"One of the areas that I've had challenges with is making complicated reports."
 

Pricing and Cost Advice

Information not available
"The pricing is based on the number of endpoints and devices, and we have seen it range from mid-five figures to low six figures."
"While licensing varies greatly, it is about $50,000 a year."
"This solution helped us to reduce the time it takes to make changes. We used to spend up to an hour to do a change, and now, it's around five minutes."
"Licensing is available in both perpetual and subscription models, and it appears to be good for our scalable environments."
"Our licensing costs are pretty low. We were grandfathered in, so we are at about $35,000 per year."
"Its price is reasonable, but it could be lower. It has been cost-effective for us. We have a contract for three years."
"The solution has helped reduce the time it takes us to make changes. It helps make overall integrated changes immediately. It allows us to cut down at least a few hours in the week in regards to changes and monitoring."
"We have seen ROI from the side of operations, and we'll probably get to more of that as time goes on. However it took a while to get to that point."
"The pricing is reasonable."
report
Use our free recommendation engine to learn which Risk-Based Vulnerability Management solutions are best for your needs.
845,040 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
11%
University
6%
Manufacturing Company
6%
Government
24%
Computer Software Company
13%
Energy/Utilities Company
7%
Retailer
7%
Financial Services Firm
19%
Computer Software Company
15%
Manufacturing Company
10%
Retailer
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Zafran Security?
Pricing for Zafran Security is not expensive. We have a contract for five years, and the cost is lower than other too...
What needs improvement with Zafran Security?
I would like to see an integration with Check Point firewalls. It's essential for us and they are currently working o...
What is your primary use case for Zafran Security?
We use Zafran Security for threat prioritization. We establish priority to understand which risks should be patched o...
What needs improvement with RedSeal?
There is room for improvement in integrating the OT security part and the private 5G security part in RedSeal.
What is your primary use case for RedSeal?
The primary use cases for RedSeal are lifecycle management, vulnerabilities, and change management. Customers might l...
What do you like most about Tufin SecureCloud?
The most valuable feature of Tufin is security auditing. We are able to check the rules and compliance of the company...
What needs improvement with Tufin SecureCloud?
The design needs improvement, particularly in recognizing target devices and target files. Additionally, there's a ne...
What is your primary use case for Tufin SecureCloud?
My primary use case involves applying firewall policies faster from a central point. Additionally, I would like to us...
 

Also Known As

No data available
No data available
Tufin SecureCloud
 

Overview

 

Sample Customers

Information Not Available
United States Postal Service, Pacific Gas and Electric Co., Interval International
3M, AT&T, Blue Cross Blue Shield, BNP Parabas, ConocoPhillips, Deutsche Bank, GE, IBM, Pfizer, United States Postal Service 
Find out what your peers are saying about Tenable, Qualys, Rapid7 and others in Risk-Based Vulnerability Management. Updated: March 2025.
845,040 professionals have used our research since 2012.