Try our new research platform with insights from 80,000+ expert users
it_user437175 - PeerSpot reviewer
Telecommunication Engineer at Vodafone
Real User
What I like most is the end to end view which is quite important for supporting the design teams.

What is most valuable?

What I like most is the end to end view which is quite important for supporting the design teams.

How has it helped my organization?

In the design team, everything is based on things that already exists and Tufin helps us make changes safely.

What needs improvement?

I'd like to say SDN needs to be improved. This is the key and where the revolution in technology is going. This is something you need to be aware of as the legacy devices are not compatible with the SDN devices.

What do I think about the stability of the solution?

As far as I know, it’s OK.

Buyer's Guide
Tufin Orchestration Suite
November 2024
Learn what your peers think about Tufin Orchestration Suite. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,660 professionals have used our research since 2012.

What do I think about the scalability of the solution?

It's been able to scale for our needs. What we have is OK.

How are customer service and support?

Great. I’m not in a direct relationship with them, so it’s indirect but it's OK I think.

Which other solutions did I evaluate?

We didn't look at any other solutions.

What other advice do I have?

I think we’re not using it for all the devices we intend to use it for, but somewhere in the middle. It works, it's as simple as that because we noticed the difference after we got it working, and we immediately saw the advantages of having it.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
it_user437121 - PeerSpot reviewer
Manager, Group Leader at a tech services company with 1,001-5,000 employees
Consultant
The configuration control helps us comply with company policy.

Valuable Features

The most valuable feature for us is the configuration control. This helps us to comply with company policy.

Improvements to My Organization

We can very quickly understand the admin configuration made by the administrator.

Also, year to year the policies always grow and every day we need to check and remove rules, policies, and objects that we already have. So another very helpful feature that we use is that we take from the policies unused objects that have not been used in a long time.

Room for Improvement

We need to include more products from different vendors, but we need a universal solution to make our installations different. For example, with the web application firewalls, we need to control them. With the ideas system, we need to control them too, and if we talk about ideas and we have the solution from different vendors who have their own names for the same security checks and customer, we as an integrator need to get a deeper understanding of the difference between the different configurations.

There's also another issue. I have a very big customer, but they have some offices where they placed a check point at the wrong end. They have multiple branches, and for different branches they have a management server, but each branch needs a solution like Tufin because if you talk about every branch, it's like another big company with their own branches. We don't have the option to place Tufin at certain branches because we don't have administration rights at the branch. We need another way to use Tufin without the administration rights.

Deployment Issues

We've had no issues with deploying it.

Stability Issues

Two years ago we had some problems with stability, but now it's resolved. Since then, we've had no issues with instability.

Scalability Issues

It's scaleable for our needs. We've had no issues with scalability.

Customer Service and Technical Support

I think technical support has worked well for us.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor. The reviewer's company has a business relationship with this vendor other than being a customer: We're partners
PeerSpot user
Buyer's Guide
Tufin Orchestration Suite
November 2024
Learn what your peers think about Tufin Orchestration Suite. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,660 professionals have used our research since 2012.
it_user437178 - PeerSpot reviewer
Network Security Consultant at a tech company with 10,001+ employees
MSP
We've been using it for 4 to 5 years, mainly for rule base analysis.

Valuable Features

We use it mainly for rule base analysis. We do a lot of customs and they always have complex custom rule bases, so we need to be able to go through the rule base and also to optimize the rules.

Improvements to My Organization

We don't use it on a day to day basis. Obviously we're running it all the time but we only need to look at it once a month when we do a review. It's not something that we use all of the time. When we do perform a review, it gets passed across to the lead engineers for that particular account to look at the rule bases and agree on what we're going to do with it and then they sort it out.

Room for Improvement

One of the things that I think they're all missing is something that Indeni does where they mount the boxes proactively for us.

Use of Solution

We've been using it for around four, maybe five years.

Stability Issues

We have had no performance issues.

Scalability Issues

We did have an issue with load on the original machine but that was actually our fault. We've put it onto new servers now and haven't had a problem.

Customer Service and Technical Support

They're very, very good.

Initial Setup

There's obviously some complexity to it because you've got to open up rules for the rule bases in order to talk to firewalls, but it was easy.

Other Solutions Considered

We also looked at FireMon. One of our presidents chose Tufin. I don't know which project it was chosen for, but I knew once it was chosen, because we deal with the development and it was decided we would only have one standard solution.

Other Advice

If you follow the instructions you're good.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Information Security Analyst at a transportation company with 1,001-5,000 employees
Vendor
We use the SecureTrack module for firewall audits and analyses. While some devices are not reporting correctly to it, it could be a software compatibility issue requiring an update on our side.

What is most valuable?

The module we have used the most is SecureTrack. Our technicians use that for firewall audits and analysis. We use other drivers due to PCI regulations, so we have to have proper reporting compliance, change management, and network changes. Also in our road map is to implement secure change.

What needs improvement?

Based on the work our technician has done on it, I think it serves the purpose we brought it in for. The only issue we have had is that we have been working a long time, from the build and configuration, and we still have one issue that our Palo Alto devices are still not reporting correctly to Tufin and that needs to be resolved. I believe it’s a software compatibility issue, so it might require an update on our side. That’s still an outstanding issue. We have a known issue integrating Palo Alto, but if they have a roadmap with other customers we would love to know.

For how long have I used the solution?

We've used it for almost a year.

What do I think about the stability of the solution?

Performance is good and any queries we run are smooth and straightforward. But we haven’t loaded too much on yet. There’s a lot of build still to come. For the basic purpose of what we are using it for, it’s pretty good.

How are customer service and technical support?

They are knowledgeable and available. I've had no issues with professional services.

Which solution did I use previously and why did I switch?

Exactly because we had no firewall analyzer or a compliance and reporting tool, we brought it in. We have business requirements like PCI, and we are yet to use it for reporting or secure change.

How was the initial setup?

We just put it in to the rack, consoled in, and did the basic set up.

What about the implementation team?

We did it ourselves. Just looked at the PDF.

What's my experience with pricing, setup cost, and licensing?

When I did the self-service for licensing, I encountered some issues. Perhaps it’s because I didn’t know how many we had purchased before I had arrived, as it was sold through a WebEx.

What other advice do I have?

Pretty good, very supportive, understanding and recognizing we need to move in a phased manner. They are definitely in it for the long term. Support and professional services, we will require going in to the future.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Profferefb28 - PeerSpot reviewer
Professional Services Engineer at a tech services company
Reseller
While the product was a little slow, it did look full-featured
Pros and Cons
  • "The initial setup was straightforward."
  • "I needed more help getting the product to work in the lab."

What is our primary use case?

Our primary use case for this solution is firewall remediation.

I didn't get very far with it because I didn't used Tufin in production, only during the evaluation phase.

How has it helped my organization?

I tested it for the change orchestration. That is what my evaluation recently was specifically for. While the product was a little slow, it did look full-featured. 

What is most valuable?

The firewall remediation and compliance pieces are the most valuable features. 

What needs improvement?

I couldn't get it to work in the lab, even with help, on multiple occasions, from one of Tufin's engineers. It was set up in my private lab per all their instructions, and I gave them control of the system. However, they were unable to make it install the policies to Check Point in an automated fashion. So, I unfortunately gave up on the proof of concept at that point.

What do I think about the stability of the solution?

In terms of stability, the version I tested in the lab was okay.

What do I think about the scalability of the solution?

I don't know about the scalability, as I never got it out a very small VM.

How are customer service and technical support?

Their technical support was okay. I needed more help getting the product to work in the lab. 

Which solution did I use previously and why did I switch?

We did not have an automated provisioning solution. At that time, all firewall changes were being implemented manually by administrators.

How was the initial setup?

The initial setup was straightforward. 

What about the implementation team?

I was working directly with Tufin's sales team and SEs.

Which other solutions did I evaluate?

We looked at AlgoSec and Tufin. However, we did not chose Tufin because of the issues.

What other advice do I have?

Check the product out for yourself.

I wasn't using it for visibility into my firewall infrastructure, because I have other avenues.

I wasn't using the compliance portion when I was testing it, only the orchestration.

I want to look at Tufin for remediation and compliance in the future.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
PeerSpot user
ITSecuri46f3 - PeerSpot reviewer
IT Security Professional at a pharma/biotech company with 10,001+ employees
Real User
It provides good visibility because we have a lot of gateways globally, but the product could be more intuitive to use
Pros and Cons
  • "Tufin allows our say junior guys to learn how to view policies. It gives them a tool that will help them consolidate and optimize."
  • "It could be a little more intuitive."

What is our primary use case?

The primary use case is firewall management, consolidation, and optimization.

How has it helped my organization?

Our company has a grid, and there are different blocks of public domains and internal domains. It checks all that on our security grid. That has been customized by our administrator.

Tufin allows our say junior guys to learn how to view policies. It gives them a tool that will help them consolidate and optimize.

What is most valuable?

We use SecureChange. SecureChange is most valuable to me because I have customers out there that know the process now. 

It provides good visibility because we have a lot of gateways globally, so it consolidates them nicely.

What needs improvement?

It could be a little more intuitive. I haven't used it a lot, but it gives me the info I need, I just have to find it.

What do I think about the stability of the solution?

The stability is fine.

How are customer service and technical support?

I have not had to use the technical support. Maybe I should.

How was the initial setup?

I was not involved in the initial setup.

What was our ROI?

This solution helps us reduce the time it takes us to make changes. We're probably saving time by 25%.

What other advice do I have?

It is a really good product. It does exactly what you want it to do.

Get the training. I didn't get the training. I assume they provide training.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
it_user489249 - PeerSpot reviewer
Network Security Engineer at a pharma/biotech company with 10,001+ employees
Real User
I like how it optimizes your policy, and does a compliance check and risk analysis.

Valuable Features:

I like how it's able to optimize your policy, look at the objects, and other similar functions. We only have Check Point integrated with Tufin SecureTrack, so that's a key benefit of using it. We can check policies against past policies. It does a kind of compliance check or risk analysis if there are unused policies or unused objects. It highlights them and it gives you a good view of what doesn't need to be there.

Room for Improvement:

It would be better if Tufin could integrate with the Cisco routers, FireEye, and other devices like that, so you can do the routing changes and so on straight from SecureChange. That would be good.

I haven't looked at their latest versions or releases, what's new, and what's not. We're still running a version that's at least a year old, so I still have to look at it. If they have added integration with Cisco routers already, that's good, but we don't have that in the version that we have. It doesn't support Cisco routers at all.

Stability Issues:

It's been stable in our multi-domain environment. We have more than 20 or 30 policies.

Other Solutions Considered:

When we were looking at products that can do this, I think we only looked at Tufin. Its integration with Check Point is what led us to Tufin. That was the main reason why we looked at it.

Other Advice:

I hope that Tufin just keeps doing what they’ve been doing. We look forward for future enhancements.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
PeerSpot user
Network Specialist with 51-200 employees
Vendor
Allows us to run a report to see changes that were made and roll them back if necessary.

Valuable Features

At the moment, it's that it takes the changes made during the day and runs a report during the night so that we can go back and if there was an issue, see if it had something to do with changes that we made in the firewall.

Improvements to My Organization

Day to day, if you have a problem you can go back and see if it could be something that is related to a change that you made, because the time of the change is the same as the time the problem appeared. Then we can roll back.

Room for Improvement

It's not only the firewall rulebase we are interested in, but also application control and URL filtering and they don't do this at the moment. Once they can handle this, then they will get a better rating.

Use of Solution

We've been using it for three or four years.

Stability Issues

It's absolutely stable.

Scalability Issues

We are large, but we have no problem with scalability. We have less than ten firewalls and it handles the traffic well.

Customer Service and Technical Support

We're not in touch with Tufin, and haven't had to contact our partner much either.

Initial Setup

It was easy. More or less, it's just plug n play.

Implementation Team

Our partner/reseller installed it for us.

Other Solutions Considered

We also looked at AlgoSec, but I don't know why Tufin was chosen as this was decided by senior management.

Other Advice

Once the application control is in the system, it is a great product.

Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
PeerSpot user
Buyer's Guide
Download our free Tufin Orchestration Suite Report and get advice and tips from experienced pros sharing their opinions.
Updated: November 2024
Buyer's Guide
Download our free Tufin Orchestration Suite Report and get advice and tips from experienced pros sharing their opinions.