Try our new research platform with insights from 80,000+ expert users
Tufin Orchestration Suite Logo

Tufin Orchestration Suite pros and cons

Vendor: Tufin
4.0 out of 5
Badge Leader
1,956 followers
Post review

Pros & Cons summary

Tufin Orchestration Suite provides comprehensive security policy management, robust compliance checks, and recommendations that enhance network security and policy enforcement. It supports efficient network visibility, traffic flow analysis, and scalable configurations for seamless integration with multiple vendors like Cisco, Juniper, Palo Alto, and Checkpoint. The platform simplifies change management through automation but needs improvements in vendor support, Fortinet connectivity, and better cloud migration capabilities.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Filtering based on a wide range of criteria is highly valued.
Alerting to notify of changes and compliance checks with actionable recommendations are standout features.
Allows comprehensive security audits including vulnerability and risk checks, which help ensure network devices are not compromised.
Features robust scalability and customization options that can adapt to changing management needs.
Provides extensive visibility into network device status and traffic flows, facilitating enhanced troubleshooting and policy management.

CONS

The pricing of Tufin Orchestration Suite is rather expensive and could be more competitive.
The initial setup of Tufin Orchestration Suite can be tough and complex, with some issues related to the architecture.
There is a lack of support for newer firewall vendors, specifically Palo Alto firewall platform and Fortinet.
Tufin Orchestration Suite does not currently support integration with ACI for micro-segmentation, despite being advertised as such.
Customizing Tufin Orchestration Suite can be tricky depending on use cases.
 

Tufin Orchestration Suite Pros review quotes

it_user884007 - PeerSpot reviewer
Apr 3, 2019
SecureChange is the most interesting part. It all comes down to having the user request firewall access and SecureChange, based on workflows, takes care of it, sending two or three emails to the business approvers. With one click, you can automate a firewall rule.
Read full review
RL
Jul 17, 2019
We use Tufin to clean up our firewall policies. It benefits us, because you can run a query for whatever your cleanup criteria is, e.g., "Has it been hit in 90 days?" It displays the list, then you can see the rules right there. If you want to get rid of it (or highlight it), then it creates a ticket that goes ahead and flags them all as disabled. While you can delete them, we always disable first. Then, we have a strip that comes back, and if it's been disabled for 90 days, then the system will remove them.
Read full review
PM
Jul 18, 2019
The best feature for me is being able to look up objects within all of our policies, because we have a little over 12,000 rules and over 30,000 objects. When one person says, 'Hey, where's my server?' I can just go to Tufin and say, 'Hey, where is that server?' and very quickly it tells you where it is, what policy it's on. That is a life saver.
Read full review
Buyer's Guide
Tufin Orchestration Suite
October 2024
Free Report: Tufin Orchestration Suite Reviews and More
Learn what your peers think about Tufin Orchestration Suite. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
DOWNLOAD NOW
816,406 professionals have used our research since 2012.
BW
Jul 18, 2019
One of the things that came up this week was the ability to decommission a server, which we thought was interesting. We had a workshop recently that talked about all the things that need to be thought about when managing firewalls. People said, "A lot of times, things get forgotten when you are decommissioning a server." E.g., making sure rules are taken away and taking out the rule set. The fact that there is an automated workload for that can be helpful.
Read full review
NetworkS2695 - PeerSpot reviewer
Jul 18, 2019
We use this product to sharpen our change cycle. A request used to take quite a while as we did manual assessments. A lot of that is now done through SecureTrack.
Read full review
NetworkS2260 - PeerSpot reviewer
May 2, 2019
The change workflow process is flexible and customizable... If we have a firewall completed and we want to redo it, if we need to re-engineer a particular firewall and open a different destination, we can do that by creating a break-fix... That is one of its useful tools.
Read full review
BS
Jul 17, 2019
The APIs are the most valuable feature of this solution, as they facilitate integration with ServiceNow and other solutions.
Read full review
reviewer1033653 - PeerSpot reviewer
Jan 23, 2022
Policy management and the cartography of the network have been the most valuable features.
Read full review
MU
Jul 18, 2019
In our current environment, the most valuable feature from Tufin is their Network Map.
Read full review
SF
Mar 18, 2019
The most valuable function is the SecureChange where it is able to automate everything from the validation of the rules to the pushing of the rules.
Read full review
Show 10 more reviews (out of 103)
 

Tufin Orchestration Suite Cons review quotes

it_user884007 - PeerSpot reviewer
Apr 3, 2019
The interface is like a 1990s kind of thing. It's a little ugly. There are many things that you cannot tweak, little things like the column width and how you display the information. You end up exporting everything to an Excel file and doing your work there.
Read full review
RL
Jul 17, 2019
The topology needs improvement. If I click on the network tab, I can go get a cup of coffee, come back, and my topology is still not painted. Maybe, it's just because we have so many devices, but looking at the topology, it is too slow. The problem is that when I click on the network tab, I do not want to see the topology. I want to click on the "Next" button, so I can put in the source and destination, so I can see the path. However, I still have to sit there and wait for the topology to load, and it's frustrating. I'll click on topology and try to click that "Next" button in time to where I can get around it. But, typically, you have to wait for that topology to paint. When it paints it, it's just a bunch of black smudges because there is just so much there. It can't paint it to where you see something. I can always zoom out, or something like that, but it's really worthless.
Read full review
PM
Jul 18, 2019
For me, there are two things that can make Tufin a bit better... [It needs] a better focus on automation - automating a lot of the processes; and automating rule re-certification, or at least finding a way to simplify it.
Read full review
Buyer's Guide
Tufin Orchestration Suite
October 2024
Free Report: Tufin Orchestration Suite Reviews and More
Learn what your peers think about Tufin Orchestration Suite. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
DOWNLOAD NOW
816,406 professionals have used our research since 2012.
BW
Jul 18, 2019
There are things that could be explained a little better for somebody brand new to this system, which could be helpful, especially if it was in real-time while you were working in the system. Having the ability in real-time to be able to understand search query suggestions would be helpful.
Read full review
NetworkS2695 - PeerSpot reviewer
Jul 18, 2019
The product that we have deployed for our main process gets bogged down in terms of its response. Maybe, we need to deploy a slightly smaller box. Eventually, we need to discuss this with Tufin is to see if we can move over to some sort of VM environment where we can add more processing power to it.
Read full review
NetworkS2260 - PeerSpot reviewer
May 2, 2019
When it comes to web services, in my experience, Tomcat has always gone down; after a certain amount of load it breaks down and we have to get things restored again.
Read full review
BS
Jul 17, 2019
I would really like to see a new UI for SecureChange. SecureTrack 2.0 has quite an improvement in the UI and it flows more smoothly. The current SecureTrack and SecureChange are a little blocky, and sometimes loading a tab or a page is required to refresh information. Whereas in SecureTrack 2.0, they're starting to improve on that.
Read full review
reviewer1033653 - PeerSpot reviewer
Jan 23, 2022
The network part of the solution could be improved. It's too hard because of the Tufin licensing model for the routing devices.
Read full review
MU
Jul 18, 2019
The biggest area where I see a need for improvement is some of the documentation and training stuff. It does a really good job of hitting the big concepts, but it needs like another layer deeper of actually getting into some of the details of how to do some of the things. Conceptually, I understand how the product works, but now how do I start building stuff and integrating it into my environment.
Read full review
SF
Mar 18, 2019
There is room for improvement in the speed of Tufin. It is using so many of my VM resources and yet it is still a bit slow... Even though we are allocating 130 gigs of RAM, we still have to wait for a few minutes for a single report to be generated. Otherwise it would be a perfect tool.
Read full review
Show 10 more reviews (out of 103)

Product Categories

Product Categories
Firewall Security Management
Container Security

Popular Comparisons

Popular Comparisons
AlgoSec vs Tufin Orchestration Suite Logo
AlgoSec vs Tufin Orchestration Suite
FireMon Security Manager vs Tufin Orchestration Suite Logo
FireMon Security Manager vs Tufin Orchestration Suite
Skybox Security Suite vs Tufin Orchestration Suite Logo
Skybox Security Suite vs Tufin Orchestration Suite
Palo Alto Networks Panorama vs Tufin Orchestration Suite Logo
Palo Alto Networks Panorama vs Tufin Orchestration Suite
AWS Firewall Manager vs Tufin Orchestration Suite Logo
AWS Firewall Manager vs Tufin Orchestration Suite
Azure Firewall Manager vs Tufin Orchestration Suite Logo
Azure Firewall Manager vs Tufin Orchestration Suite
ManageEngine Firewall Analyzer vs Tufin Orchestration Suite Logo
ManageEngine Firewall Analyzer vs Tufin Orchestration Suite
Cisco Defense Orchestrator vs Tufin Orchestration Suite Logo
Cisco Defense Orchestrator vs Tufin Orchestration Suite
Opinnate vs Tufin Orchestration Suite Logo
Opinnate vs Tufin Orchestration Suite
See all alternatives

Product Categories

Product Categories
Firewall Security Management
Container Security

Popular Comparisons

Popular Comparisons
AlgoSec vs Tufin Orchestration Suite Logo
AlgoSec vs Tufin Orchestration Suite
FireMon Security Manager vs Tufin Orchestration Suite Logo
FireMon Security Manager vs Tufin Orchestration Suite
Skybox Security Suite vs Tufin Orchestration Suite Logo
Skybox Security Suite vs Tufin Orchestration Suite
Palo Alto Networks Panorama vs Tufin Orchestration Suite Logo
Palo Alto Networks Panorama vs Tufin Orchestration Suite
AWS Firewall Manager vs Tufin Orchestration Suite Logo
AWS Firewall Manager vs Tufin Orchestration Suite
Azure Firewall Manager vs Tufin Orchestration Suite Logo
Azure Firewall Manager vs Tufin Orchestration Suite
ManageEngine Firewall Analyzer vs Tufin Orchestration Suite Logo
ManageEngine Firewall Analyzer vs Tufin Orchestration Suite
Cisco Defense Orchestrator vs Tufin Orchestration Suite Logo
Cisco Defense Orchestrator vs Tufin Orchestration Suite
Opinnate vs Tufin Orchestration Suite Logo
Opinnate vs Tufin Orchestration Suite
See all alternatives
Related questions
  • 45
What is the biggest difference between AlgoSec and Tufin?
  • 93
Comparing network security vendors and devices
  • 747
When should companies use SSL Inspection?
  • 17
When evaluating Firewall Security Management, what aspect do you think is the most important to look for?
  • 559
What are the most important features you would be looking for in a firewall?
  • 723
How do I estimate the required firewall throughput for my organization?
  • 32
What are the pros and cons of Tufin, AlgoSec and RedSeal?
  • 129
Tasks to Perform on Preventive Maintenance.
  • 34
Why is network segmentation important?
  • 6
Can a router with automatically-created firewall access lists be considered a scrubbing center?