RedSeal vs Tufin Orchestration Suite comparison

"RedSeal has different modules, such as the Analyzer module, which can be leveraged."

"The most valuable features are network mapping and configuration."

"This is the only solution in the world that gives you a digital resilience score."

"RedSeal integrates the network and gives us a visual or graphical overview of our network. If an organization is geographically dispersed, for instance, with one office in Canada and one office in the Philippines, the whole network, including all devices, is integrated into RedSeal, and you can see from where the traffic is going in and out."

"We have a better view of our compliance status."

"The solution is good, and no clients complained about it."

"Valuable features include a central pane of management for all the firewalls and the ability to do queries on the rules and understand in which files the rules are configured."

"It has helped us to meet our compliance mandates. We have some requirements that we need to provide more visibility on the risk levels of our firewall base and Tufin helped us with that requirement."

"You can easily scale the solution if you need to."

"The change workflow process is flexible and customizable. I was really impressed with it. It's pretty easy. You can add automatic validation steps. Depending on the security matrix, you can pre-allow whatever flow you want."

"This solution has helped us to meet our compliance mandates. We implemented the Unified Security Policy (USP). This helped enforce what compliance requirements that we had. We have mitigated and remediated issues that have been brought forth due to that USP showing us issues."

"The most valuable feature are role and objects usage for individual objects and app usage."

"Sometimes, it required us to refresh the configuration. When we integrated any of the configurations into the device, sometimes, it could not detect the exact picture of that device. So, we had to reset the device to see that if it was giving true-positive results or false-positive results. In some cases, we were not able to get true-positive results. There was some kind of bug in that version. Its interface is not user-friendly and needs to be improved. It takes time to understand the interface and various options. Skybox has quite a user-friendly interface. They could provide a feature for compliance audit policy if it is already not there. A compliance audit policy ensures that all configurations are based on the best practices standards, such as CIS benchmarks standard or other similar standards. It provides visibility about whether your device configuration is based on best practices or not. Usually, such a feature is provided by other solutions such as Meteor or Tenable Nessus."

"There is room for improvement in integrating the OT security part and the private 5G security part in RedSeal."

"The dashboard should be improved to make correlating data easier to do."

"One of the areas of concern is the GUI. It is important to our customers that the GUI looks beautiful. It's a Java Client, so you have a Java dependency."

"I would like to see better report integration in this solution."

"The interface is like a 1990s kind of thing. It's a little ugly. There are many things that you cannot tweak, little things like the column width and how you display the information. You end up exporting everything to an Excel file and doing your work there."

"I would like to see more about the cloud in the next release. They need a large plan to deploy the cloud into the solution and a way to implement it."

"The biggest area where I see a need for improvement is some of the documentation and training stuff. It does a really good job of hitting the big concepts, but it needs like another layer deeper of actually getting into some of the details of how to do some of the things. Conceptually, I understand how the product works, but now how do I start building stuff and integrating it into my environment."

"A big improvement would be on the USP policy. If we could use Palo Alto to take those zone names and auto import them into the policy, then just do the policy based on the zone names instead of having to put in every single subnet."

"It would be great to add a link to Visio to create shapes directly from Tufin, as it has the configuration."

"We actually had a key issue, which was a bug, that the development team didn't want to fix. We escalated it, then it got fixed. So, the management level seems very responsive at least, but at a support level, they are just regular support people and not outstanding."

"While Tufin is suitable for small businesses, issues can arise in larger enterprises, particularly concerning policy-based forwarding and NAT traffic."

"The pricing is based on the number of endpoints and devices, and we have seen it range from mid-five figures to low six figures."

"It's not that expensive, except for Security Groups. For us, just the Security Groups were about half of the total price. The total was about €500,000 a year, of which €200,000 was for Security Groups."

"Licensing is on a customer by customer basis."

"Our evaluation showed that Tufin's features were on par with AlgoSec, but Tufin was the better financial choice."

"While licensing varies greatly, it is about $50,000 a year."

"Tufin makes things a little easier. It lessens the amount of manual work which we have to do. It has a lot of benefits in terms of revenues, profits, employee costs, and operational costs. We have already seen return on investment."

"Our licensing costs are three million total and then we pay for maintenance, which is an additional cost for three years."

"We did look at less expensive solutions than Tufin, but being a corporation, this solution made sense."

"Because we're quite a large company, the price wasn't too much of a factor for us."