Tufin Orchestration Suite Reviews

I have used Tufin for traffic analysis, to check the traffic hitting a specific rule, for rule consolidation and so on. It’s really helpful. For my usage, it's very good.

We would like to see historic reports for the device, for a policy, for rule consolidation, and for rule optimization.

Also, it's pretty slow for us. Just to run an analysis for a single rule, we need to wait at least five minutes.

We had a couple of stability issues before, when we were running on our old core. We used to not get the reports as we expected. The Tufin used to get disconnected from the device and just not provide the exact reports such as the hits on the rules.
Over the last year and a half, we upgraded twice, and right now it's pretty stable.

It has been scalable for our needs.

Technical support is really good. They're supportive.

We've been using AlgoSec as well for analysis. We use both Tufin and AlgoSec for our reports.

It's a good tool. We would need a view of all the tabs, for the analysis. If it's pretty fast, that should be good for us.

The first one is the policy analyzer to help the network facility to remove objects and the server needs an object, an appliance object.

For the first one, we were able to reduce the number of rules, and the signaling one is about the compliance. We have many security rules to define the flows between the security zones, so we put all the rules under 13, and then we can generate reports.

It needs more compatibility with older firewalls.

We have no issues.

We have 2000 employees, and it's been able to scale to meet our needs.

Very easy. We got the license, and we got all the roles and information from the firewall to generate reports.

Prior to implementing, you need to know the needs for each project. If you know the needs, you will probably meet expectations.

It supports failure operational processes of the administrator, which sometimes in small companies is difficult to do. This helps me in my job to help others free up time to do other, more important tasks.

The biggest and most important benefit is that it addresses the weaknesses of our internal customers. We can perform changes in real-time instead of having to wait for days or weeks. Of course, if there are compliance issues, we can see right away whether they have documentation that addresses the issues and we can then approach management with the solution.

It doesn't have cross-vendor support for solutions such as Barracuda.

We had no issues with deployment.

We haven't had to log any support cases, so I'd say that it's a stable solution. We haven't had any issues with stability.

Our Austrain customers are not big, so scalability from my point of view is not an issue. At the moment, we haven't come across any issues with scalability, so I'd say it's perfect in that regard.

We aren't in direct contact with technical support, but we could be if necessary. But I've heard my colleagues talk about how Tufin isn't as big a company as Check Point, so that if there's a problem, the entire company helps to find a solution.

I didn't perform the initial setup, but I don't think it was too complex. We have a lot of Check Point engineers and thy have an understanding of security solutions, so it was easy for them. We have all three Tufin solution, and I think SecureApp was the most challenging, but we have experience, so the setup was still not too difficult.

We implemented it with our in-house team.

We have a close relationship with people within Tufin, many of whom came from Check Point. We didn't think about going with another vendor.

Just try it out. You should perform Proof of Concept and you’ll be reaping the benefits and seeing it’s a good product.

Our primary use case is the policy request automation workflow.

Tufin saves a lot of time on the policy requests deployment. It enhances the SLA of the policy requests or changes and enhances the accuracy of the policy deployment.

I like the policy topology map, which allows us to visualize the picture of the security policy of the whole organization.

I would like to see the hardware specifications improved. The solution requires very high specifications of hardware platforms to run it. These high requirements are quite difficult to be acquired for users. 

I have been working with Tufin for the past three or four years.

Tufin performs very well.

Tufin is definitely scalable.

Technical support is very good when escalating questions with them.

Positive

The initial setup is straightforward and easy.

I think the pricing, comparatively, is good.

The functionality, roadmap, and technical support are important to most customers. It is important to consider the integration support with other security tools and compatibility. I would rate Tufin a eight out of ten.

Our customers use Tufin to manage multiple firewall access rules through a single console. We have done on-prem, public, and private deployments of this solution.

It provides very good reports. It can easily integrate with multiple firewalls, such as Cisco, Juniper, Palo Alto, and Checkpoint. 

We can push a policy from Tufin to a firewall, which is a very good feature. We can monitor all access rules and the operating system of a firewall.

Currently, we are able to monitor access rules and the operating system of a firewall. It would be great if we can also monitor the configuration of the firewall through Tufin.

I have been using this solution for the last three years.

It is very stable. It has good stability.

It has very good scalability.

Their technical support is good.

Its initial deployment is not very easy. It is a little bit complex. After the deployment, it is easy to work with it in the GUI. Its deployment takes at least two or three days.

Customers usually evaluate AlgoSec. 

I would advise others to go for it to manage firewalls from multiple brands in a single console.

I would rate Tufin a nine out of ten.

The primary use case of this solution is for monitoring, automation, policy orchestration, and security.

The most valuable feature is the monitoring. I quite enjoy the monitoring this solution provides. It allows administrators to visualize the traffic flow, and troubleshoot when necessary. It's a useful tool.

The interface is quite user-friendly and intuitive.

The cost of this solution should be improved.

They need to offer more support to vendors, such as Cisco, Checkpoint, Fortinet, and Forcepoint.

They have an API, but it needs more service on this.

While technical support is good, they could still improve.

I have been working with Tufin for one year.

It's a stable solution. There are some bugs that they are working on but that is common with any vendor.

They do mention that they don't support specific features from Nexus for some automation but it does actually work, although it is not listed as working.

Technical support is relatively good. They are not the best but they are good.

They could improve but they do respond with accurate responses.

The initial setup was straightforward. It was deployed in less than an hour.

The first time without training, it took an hour or so, but it was quite easy.

It's quite an expensive solution.

I would recommend this solution to others who are interested in using it.
I have not worked with any other vendors with this type of solution, for example, FireMon. I haven't worked with it. 

I would recommend it specifically to start with a secure track, which is a monitoring tool. Once the customer sees it, they want the solution. Afterward, for automation and secure change.

I would rate Tufin an eight out of ten.

We do firewall reviews on a quarterly basis.

It provides me great insight into my firewalls across my organization.

We are able to stay compliant with many of the regulations. 

The rules, as they change over time, are the most valuable feature.

Its capabilities help me grow trust back and have less in-depth experience to go faster.

It is very stable.

It is very scalable.

The technical support has been on point.

The previous solution was all manual.

There was some complexity during the initial setup, but otherwise, it was fairly straightforward.

I used a partner for the integration, who was very good to work with.

Our engineers are spending less time on manual processes: 20 to 30 hour plus.

Our primary use case is fo the security of our medical facility. We have a lot of holes in the firewall and we wanted to see the details. For example, we see a lot of traffic between the different zones that we needed to reduce. So we use the solution to eliminate this traffic. It also allows us to have a lot of optimization rules for a good switching policy in the firewall. 

It can quantify and reduce a lot of risks.

I like the deployment and management of this solution. I don't have much experience in that kind of security solution, but I have three years of experience in similar solutions, like AlgoSec. I do some scripts to optimize the solution, such as configuring the API.

Additionally, when we export the report, you can see a lot of logs of all the equipment in the company and we can identify some of the machines or some log station in the network. Also, the user can create some requests to implement the flow and push the rules in the firewall. You can analyze the log and the traffic, you can have a lot of API's, and do some reporting.

In the next release I would like to see better migration in the Cloud because that will allow more visibility in the network.

I have been working with Tufin Orca for one year.

This solution was already deployed and we just manage it.

It is a stable solution.

This solution is scalable.

I have tons of contact with support. If you have some problems or issues you can contact support and manage the problem together. I did that with a lot of competitors, like Palo Alto on our network. If we have an issue in production, my production team will try to solve it or you can contact support to manage the issue.

I am satisfied with the support.

The initial setup is not complex. It's easy for me because I have some experience and training on it. Now I can do a whole production on the application.

We used an integrator for implementation because I have a colleague who has a lot more experience than me and we worked together to manage that solution.

I would recommend this solution. I think it's a good solution to have. It is good to know what this solution does in the network. You can have a lot of training on it and see a lot of questions from different users in the company.

On a scale of one to ten, I would rate it an eight.