Tufin Orchestration Suite Reviews

The governance feature is handy in the process flow. Tufin is easy for an average user to be able to put in their request and have it automatically assigned to other firewalls.

We are able to review changes from the previous day to be able to compare if there's a change that goes in from one day to the next, if there's an issue, we can see what change has occurred. You can see that through the reporting. It's quick to go and pull up what changed between the two days. It works great for the users to be able to put it in. And then troubleshooting afterward if something happened to find out what had changed.

It has come a long way. Compared to where we were, it's significantly better. We were using an internal process that was intensive. This is clearly better.

From my limited use of it directly as a user, I don't think it's efficiently comparing. We were looking for a 2 of 3 match that haven’t used the same rule, and it's not working as well. It's adding additional rules into our policy at times. It could be more effective than that. I’d like it to add fewer rules but still keep the same security posture.

We’ve also had issues with speed, and it needs to be a bit more reliable. It's definitely slows up. Sometimes, just when I log in, it didn't connect me to the system or we've had to do some emergency patches on it and it would take 10 or 15 minutes to get logged in. That was kind of weird and that's happened a couple times. I think it is user-friendly, outside of the things our own internal people have added and made it a little confusing.

I think the app could be a little bit improved in the way that it selects objects.

From my user perspective, I think patching is an issue. I haven't done it, but I know they had to. It got slow, and there were issues getting connected in to it. Everything was running slow a few different times. We’ve had to contact support. There's been times we've lost a day and a half of usage.

I have not had to use technical support.

I was not part of the implementation.

It works well. It’s something you would send a colleague to use. It gives a nice process flow as far as the end user putting something in, having governance check, and being able to have multiple work screens because we have different areas of the company and different processes. They have to have different work flows. We use multiple work flows. That's handy. You can build those in, you select from the beginning and then you're off and running.

The most valuable feature that I've found is rule optimization. If the rule has massive hits and if I want to remove that rule, I can put that rule into the SecureTrack change. After a few weeks, it will tell me that these are all the IP addresses that it is hitting, and this is all the traffic that it is hitting. It provides all sorts of other information too. That's one of the features that I like in Tufin.

Having total compliance is a benefit. When our compliance department tells that there is a rule that says IP such-and-such, and that we have to remove that rule, it’s never easy for us to directly remove a rule until and unless we have some traffic analysis and so on.

Another benefit is the complete set of all rules. If I have to find a particular object, Tufin provides a search feature. That's one of the good features in Tufin. If you have more than 100 or 200 firewalls and 100 or 200 policies, and each and every policy has a humungous amount of rule numbers, it can give you detailed reports, as well as the search feature.

I would like to see improvements in historic views of rules - stating that this rule hasn't been used for the past one year, that this rule hasn't had much hits, these are all of the shadowed rules and these are all of the unshadowed rules - so we can narrow down the rule base. That's probably one of the aspects that I would like. If Tufin can help me out with that, that would be nice too.

It needs improvement with rule optimization and compliance.

Tufin product is good, but it requires a lot of CPU overhead. It might be because of the rule base we have. It might be due to other factors, but it's kind of slow for us. I would like to see an improvement in speed, as well.

It's been stable. No complaints yet, except for the upgrade. The upgrade takes a little long, but that's fine. I believe that’s because of the vastness of our environment.

We probably have more than 2,000 rules for each and every policy. It depends, 1,000 rules, 2,000 rules, somewhere in between. We have a pretty massive rule base, and it's giving good reports.

Involvement with the technical support team went well. They are cooperative.

We also use AlgoSec for analysis.

It all depends upon the environment that you’re using. Compare it to other vendors, like FireMon and AlgoSec, and then you can rate the products and decide what to use and what not to use.

We're using SecureTrack, and the most valuable feature for us is the accurate reporting it provides. Every time I run a report, I know it's going to return just the exact information I'm looking for. 

I like the ability to drill down in the reports. That's very handy. It allows you to drill down, but it doesn't show you all the information at once, because some of it can be very overwhelming. It simplifies the information and then you can drill into the details.

At first, it presents it all in one format in the report. That's the simple format. Some of the things I'm looking for, I want an answer back quickly. I can see in just a one-page review that all of the information I was looking for is there.

On an enterprise-wide scale, I would like to see improvements to the auto generation feature. We don't use it very much, if at all, because it didn't work well.
It’s the feature where Tufin can review a certain rule and recommend more granular rules based on the logs that it sees for the rule. We've had a lot of difficulty getting that to work smoothly. Our Tufin engineers have had to play with the software behind the scenes to get that feature to work. It'd be nice to be able to just turn it on and have it work, no matter where we're looking at these rules in the enterprise. That's actually been a need. We are an organization with over 15 years of firewall rule history. We need to remediate rules. We need to clean them up. That's something I think Tufin needs some improvement on. I like the ability to review Cisco configurations right there on the spot. I've found that very handy.

I think for the most part it's been stable now that we have our new hardware. Our organization's very taxing on it. We have dozens of engineers running reports at the same time, but it's usually just a workload issue. It does give you the ability to schedule reports. If it's not something you need right away, then you can just schedule the report to run as soon as possible and then continue to work somewhere else. That saves me a lot of time.

At a previous job, I used FireMon. It was similar at the time. I think Tufin has a lot more offerings with the Orchestration Suite now.

Work with the sales teams directly, because they seem very willing to be flexible with the development side. Every organization has different needs. Tufin’s willingness to be flexible impressed me.

The biggest thing is regarding the automation that it allows our customers to do at the end of the day so that they can go and scale their environment a lot more than they could in the past. I think that's really where it comes in. It's the process behind it which can be very painful and tedious. They help make it easier and it's pretty simple from that perspective. You can review compared to past policies.

It's a multi-stage process. When you first start using it, you can go based on rules and find a lot of things that you didn't know before automatically. Then over time, you can go and see points along time. See what's happened, what's changed and also make sure they're applying the appropriate policy.

Without Tufin it's a lot of manual reviews, and you'll miss things. Humans miss lots of things especially as rule bases get big.

The integration with other parts of the system, so it  a lot about process. If you have ticketing systems, other things that you're using can be helpful. For the really leading edge customers, they're able to integrate it with their other processes to the end users. The end users can be the ones requesting, saying, "I have this application and I need it to work this way." Take the technical out of it and make it a lot more business oriented so that's pretty powerful.

It's still challenging in some cases to get it integrated with other systems. Anything that Tufin or any company can do over time to make that easier and easier is going to make it easier for the end customer. A lot of times with implementations, companies don't get using it we've seen. A lot of times, we'll go in and help them which is good. In the early stages, like any product sometimes it can be hard to start using it. Ways to make it super easy for somebody coming into the game could be useful. Then from our perspective, we've seen so many services go and come. So many applications go service based (software as a service) so they certainly have an opportunity there too to do some things.

I'd rate it an 8.

We've been working with it for a long time and it's been good from that perspective. Again, we have a lot of customers. It's been really scalable. We've had some customers that are on a hundred gateways on it.

It's straightforward to set up but like anything, there can sometimes be an initial gap with usage. Get it set up, get it running and then it's the habit. Forming that habit for companies, like anything new, can be hard.

The space is pretty targeted. AlgoSec and Firemon are certainly their direct competitors. Those are really the big three in the space.

Criteria when selecting a vendor  -I think it's looking at your current processes and where you'd like to be is really what it comes down to. If you're frustrated with the ways things are working, think about the way you'd like it to be and then see what product fits into that mindset for you.

The most valuable feature is the ease of use. Creating workflows for users is very easy. It's also pretty straightforward to look at audits and compare policies.

Before Tufin, we had a very antiquated way of doing firewall requests. It was a terrible workflow system. Workflow was one of the main reasons we looked at Tufin, since it is really easy for users.

I would like to see more customization with the emails that go out, the UI, the things that I look at, and the things that I see when I log in. We mostly use SecureChange, and when I look at my tasks, I would like to have more customization to maybe add a column, for example.

We deployed it well over a year ago - Tufin SecureChange and Tufin SecureTrack.

There have been no stability issues whatsoever. It’s rock solid.

Right now, with what we're using it for, it has been scalable. We haven't had an issue with scalability at all. It's been able to keep up.

We had to work with technical support to get the certificate set up and get SSL initially configured. It went well.

Putting it together and getting it up and running was a breeze.

The top two we looked at were AlgoSec and Tufin. We felt that Tufin was the leader in the space and we chose it because it was easy to use, very customizable, and it gave us every one of the requirements that we were looking for.

I would give it a nine out of ten. It’s been a great product so far. I'd just like some more customization.

The ability for it to identify unused rules, and overlapping/redundant rules. If you had a more open rule at the top, but you put a more granular rule at the bottom, it would tell you that that granular rule wasn't needed because it was already covered by another rule. A lot of times you get multiple firewall admins who just go in and start adding stuff, and they're not always looking for what's already in place. It's redundant and they don't realize it. 

So somebody could have added a rule but they couldn't find it, so they just went ahead and added access, and in the end, Tufin will identify it and say - you have rules that you don't need. When you're dealing with very large policies (hundreds - thousands of rules) it's a big advantage. Such as if you're dealing with firewalls that host 2000+ rules.

I used to use the reporting. It was able to at a glance tell me every rule that that particular IP address was given access.

The ability to export the data outside of a PDF on some of the reports, I'm not sure that it can do that.

It scaled for our needs.

It fits in as part of the bigger picture. At the end of the day, I wish the firewall products themselves could do some of that stuff inherent to their own solution. 

Make sure you understand the capabilities and use it for what it's intended. It's not going to tell you the intent of rules, it's not going to tell you if it's a good rule or is it a bad rule, but it's going to help you with firewall clean-up or redundancy. It doesn't help a firewall admin create a better rule.

We primarily use this solution for integration, and we deploy the solution on-premises and on cloud.

They have very good responses regarding integration and internalization with open tickets.

The solution does not have automation with other Firewalls and it should be included.

We have been using this solution for approximately five years.

The solution is scalable. Currently, approximately 60% of our organization uses it.

We have had a good experience with customer service and support.

We have used AlgoSec.

Licensing costs are charged every year.

I rate this solution a six out of ten. The solution is good but can be improved by including additional automation in the next release.

We use this solution for auditing our security and system access entries, then alerting us to problems.

The auditing reports generated by this solution help us to find issues.

This solution has helped us to meet our compliance mandates. We have very strict standards and security policies that we must follow. This tool is very flexible for the management team. It also helps us to ensure that our security policy is followed across our entire hybrid network, but we have a lack of security in some points.

The most valuable feature is that it extends security entries in the firewall policies. Given the number of entries in the access control, this would take a lot of time, so this feature is very valuable for us.

The visibility this solution provides us is great. At the moment, we are in the process of continuous improvement, and we need to include these new features.

The change workflow process is okay.

I would like the ability to export information in other formats including PDF, HTML, or Excel.

The stability is very good. It's better than the other tools that we have in the company.

To this point, we have only used the basic functionality. We have several teams working with the tools.

Technical support for this solution is excellent. At the moment, we have very good communication with support.

The initial setup was good and we had no trouble with it.

We handled the deployment of this solution internally.

We did not evaluate other solutions before choosing this one.

This tool is excellent in the specific areas where it is applied. We are spending less time on manual processes and at some point, we will be stopping them.

This solution definitely helps to reduce the time it takes to make changes. With other tools, I have spent five or six hours or even days, but with this solution, it takes me thirty minutes. It can take even less, depending on the complexity of the firewall.

My only complaint is that I would like to be able to export data to different formats.

I would rate this solution a nine out of ten.