RedSeal vs Tufin Orchestration Suite comparison

"RedSeal has different modules, such as the Analyzer module, which can be leveraged."

"This is the only solution in the world that gives you a digital resilience score."

"The most valuable features are network mapping and configuration."

"RedSeal integrates the network and gives us a visual or graphical overview of our network. If an organization is geographically dispersed, for instance, with one office in Canada and one office in the Philippines, the whole network, including all devices, is integrated into RedSeal, and you can see from where the traffic is going in and out."

"SecureChange makes our lives easier with automation."

"The change workflow process is flexible and customizable. I was really impressed with it. It's pretty easy. You can add automatic validation steps. Depending on the security matrix, you can pre-allow whatever flow you want."

"They have very good responses regarding integration and internalization with open tickets."

"It provides a comprehensive overview of what our network looks like in terms of what is allowed and what is not, then how the traffic' is flowing with the Network Topology Map."

"It offers automation capabilities that are very helpful, especially for network security orchestration and applying policies."

"Being able to customize your own clarity to that aspect of change management."

"Policy management and the cartography of the network have been the most valuable features."

"It allows administrators to visualize the traffic flow, and troubleshoot when necessary."

"There is room for improvement in integrating the OT security part and the private 5G security part in RedSeal."

"Sometimes, it required us to refresh the configuration. When we integrated any of the configurations into the device, sometimes, it could not detect the exact picture of that device. So, we had to reset the device to see that if it was giving true-positive results or false-positive results. In some cases, we were not able to get true-positive results. There was some kind of bug in that version. Its interface is not user-friendly and needs to be improved. It takes time to understand the interface and various options. Skybox has quite a user-friendly interface. They could provide a feature for compliance audit policy if it is already not there. A compliance audit policy ensures that all configurations are based on the best practices standards, such as CIS benchmarks standard or other similar standards. It provides visibility about whether your device configuration is based on best practices or not. Usually, such a feature is provided by other solutions such as Meteor or Tenable Nessus."

"The dashboard should be improved to make correlating data easier to do."

"One of the areas of concern is the GUI. It is important to our customers that the GUI looks beautiful. It's a Java Client, so you have a Java dependency."

"The policy browser has had trouble working. We have experienced bugs."

"We actually had a key issue, which was a bug, that the development team didn't want to fix. We escalated it, then it got fixed. So, the management level seems very responsive at least, but at a support level, they are just regular support people and not outstanding."

"Its price is reasonable, but it could be lower. It could have a more effective approach for creating and changing rules. It could provide advice or suggestions for a better understanding of rules and changing the rules. There should be suggestions for the rules that need to be changed to make them less risky."

"We would like to see more in terms of integration with other application types within the context, such as next-generation firewalls or next-generation threat devices that are out there."

"There were some hiccups here and there with the initial setup."

"They are sort of at the pilot stage on some of their products. I saw the Orca and Iris products yesterday. My initial impression of these products were that they were good products, but I felt like some of their features overlapped with SecureTrack and SecureChange, which they are already doing. So, I just wondered what direction they're going in? I understand that they are cloud products, but are these security products going to overlap each other's features at some point? This is my initial concern."

"We would like to see automation metrics, from a reporting standpoint. We would also like to see automation of site-to-site VPN tunnels. We would like to see automation of Check Point application-based firewall rules."

"The network part of the solution could be improved. It's too hard because of the Tufin licensing model for the routing devices."

"The pricing is based on the number of endpoints and devices, and we have seen it range from mid-five figures to low six figures."

"I'm saving 20 man-hours a week, so I am seeing some ROI."

"The licensing costs are a significant amount of money."

"This solution helps us reduce the time it takes us to make changes. We're probably saving time by 25%."

"For us it's around $40,000 or so."

"We haven't purchased the license yet for SecureChange. We do have plans to buy it next year."

"It is expensive, but as compared to other players, it's more or less okay. Their pricing is not very transparent. This is my biggest point regarding Tufin. I've never seen a price list or something like that. It's always individual, and in many cases, it's very confusing to know what is the base and what is the price."

"There is a permanent license for devices, but it's not relative to a device itself. Once you purchase 10 licenses for virtual appliances or virtual context, you can put them into different virtual firewalls, but you can reuse these licenses for other devices if you don't need them for the old ones."

"This solution helped us to reduce the time it takes to make changes. We used to spend up to an hour to do a change, and now, it's around five minutes."