Our primary use case is for change audit.
Information Security Engineer at a tech company with 1,001-5,000 employees
Reduces the time it takes to solve a problem, which reduces the time of an outage
Pros and Cons
- "My team uses it heavily to audit the changes made by junior engineers, going back and figuring out what they messed up, and correcting their mistakes. We generate reports for customer compliance and audits, as well as for regulatory audits."
- "The reports could be easier to read and more customizable. Also, capturing some of the different versions, and being able to dig through them could be a bit better."
What is our primary use case?
How has it helped my organization?
My team uses it heavily to audit the changes made by junior engineers, going back and figuring out what they messed up, and correcting their mistakes. We generate reports for customer compliance and audits, as well as for regulatory audits.
We use it to generate reports that we are in compliance, but don't necessarily use it to mitigate any compliancy requirements then only to report on them.
What is most valuable?
The historical reporting is the most useful feature that I use the most often.
For what we use it for (change auditing), the visibility works great.
What needs improvement?
We don't have any issues with it, but the reports could be easier to read and more customizable. Also, capturing some of the different versions, and being able to dig through them could be a bit better.
Buyer's Guide
Tufin Orchestration Suite
November 2024
Learn what your peers think about Tufin Orchestration Suite. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,660 professionals have used our research since 2012.
What do I think about the stability of the solution?
The stability works, for what we've been using it for. The system has been up and running for at least a year and a half without any issues. The only time we do anything with it is when we upgrade it or patch it, but we have never had any performance issues or it falling over.
What do I think about the scalability of the solution?
The way we deployed it is sufficient for what we're using it for. We haven't really had to scale it.
How are customer service and support?
We tend to not have any issues with it, so we don't need to use support very often. For what we are using it for, it does exactly what it is supposed to, and we don't have any issues with it.
We did contact technical support when we had an appliance, then we migrated it over to a VM and it was moving some of the data from the old code format to the new one. We have also had upgrade problems with it randomly breaking on us.
My team has had a pretty good response from the technical support.
Which solution did I use previously and why did I switch?
We had a bunch of issues with junior engineers causing problems and people not knowing what was changed or what happened. We needed a solution that produced very easy to understand and quantifiable change reports.
We had a home-built solution before Tufin had maintenance issues because it was our own, and we had support issues with it. It sometimes worked, and sometimes didn't work. Tufin was a very easy shoe-in replacement for that solution.
How was the initial setup?
The setup was pretty straightforward. The documentation was pretty clear in terms of what you had to do. It was just the case of executing it.
What about the implementation team?
We deployed it ourselves.
What was our ROI?
For our numerous cases where outages had been caused by engineering errors, our ROI is in the ability to quickly go and see what the person did and fix it. Tufin reduced the time it takes to solve a problem, which reduces the time of the outage. It does have a cascading effect, but I can't quantify it to dollar amounts.
Which other solutions did I evaluate?
It has been a few years since I've looked at anything else.
What other advice do I have?
I would rate it a seven out of ten mainly because it does everything really well. In general, it still does what it's supposed to do, and we don't have any issues with it.
I would advise someone considering this solution to know exactly what you need before you start the process. Be very thorough, because the devil is in the details and you need to know exactly what you want and need. Then you'll be able to tell which solution is better, and which one gives you the better return on investment.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Network, Telecom and Storage Manager at a financial services firm with 1,001-5,000 employees
We were able to reduce the number of rules we had.
Valuable Features
The first one is the policy analyzer to help the network facility to remove objects and the server needs an object, an appliance object.
Improvements to My Organization
For the first one, we were able to reduce the number of rules, and the signaling one is about the compliance. We have many security rules to define the flows between the security zones, so we put all the rules under 13, and then we can generate reports.
Room for Improvement
It needs more compatibility with older firewalls.
Stability Issues
We have no issues.
Scalability Issues
We have 2000 employees, and it's been able to scale to meet our needs.
Customer Service and Technical Support
Very easy. We got the license, and we got all the roles and information from the firewall to generate reports.
Other Advice
Prior to implementing, you need to know the needs for each project. If you know the needs, you will probably meet expectations.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Tufin Orchestration Suite
November 2024
Learn what your peers think about Tufin Orchestration Suite. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,660 professionals have used our research since 2012.
Owner at a security firm with 51-200 employees
We're able to easily and quickly find out what our colleagues did and to mitigate that if it has caused any problems.
Valuable Features
It's very easy to document every change that has been done to auditors or internal auditing, but also to troubleshoot when you have more than one person taking care of your policies. So we're able to very easily and very quickly find out what our colleagues did and to mitigate that if it has caused any problems.
Room for Improvement
It seems to be stuck between the usability of a browser-based application and a full application. Part of my feelings about this have to do with my perception of working with web applications, and there tends to be almost natural laws that something might get stuck or the browser gets confused, things like that which could use some improvement.
Deployment Issues
We've had no issues with deployment.
Stability Issues
I haven't seen any stability issues. We actually seldom see issues with the product, so the experience with the support is not that common, but I think the issues we've seen have been handled quite well.
Scalability Issues
It scales very easily. I'm in a market where a 5000-user company is a large company, so there's definitely no problem there, but I easily see that the solution can scale far larger than that.
Customer Service and Technical Support
They are responsive and quick in terms of technical support.
Initial Setup
The basic installation is very easy and it's quick getting things up and running. Where there tends to be the problem is, and it's not really a Tufin issue but more a customer issue, how to really work through the policies and get the full value of the products. It's very easy to get started, and when you first get started, the further steps where you begin to make your change to your app, there are a lot of organizational work that needs to be done to get the full value of the product. This tends to be the issue with most companies.
Implementation Team
We implemented it with our in-house team.
Other Advice
This is true for Tufin and as well for many of the security vendors and their products. I think it's very important just to get started or get the easy wins first, and then go to the solution afterwards. With Tufin, I think it's very, very easy to get big easy wins up front with all the documentation and all the tracking, just to get started and move forward from there.
Disclosure: My company has a business relationship with this vendor other than being a customer: We're partners.
Technical Lead at M.Tech
Good reporting and monitoring capabilities, easy integration with different firewalls, and good stability and scalability
Pros and Cons
- "It provides very good reports. It can easily integrate with multiple firewalls, such as Cisco, Juniper, Palo Alto, and Checkpoint. We can push a policy from Tufin to a firewall, which is a very good feature. We can monitor all access rules and the operating system of a firewall."
- "Currently, we are able to monitor access rules and the operating system of a firewall. It would be great if we can also monitor the configuration of the firewall through Tufin."
What is our primary use case?
Our customers use Tufin to manage multiple firewall access rules through a single console. We have done on-prem, public, and private deployments of this solution.
What is most valuable?
It provides very good reports. It can easily integrate with multiple firewalls, such as Cisco, Juniper, Palo Alto, and Checkpoint.
We can push a policy from Tufin to a firewall, which is a very good feature. We can monitor all access rules and the operating system of a firewall.
What needs improvement?
Currently, we are able to monitor access rules and the operating system of a firewall. It would be great if we can also monitor the configuration of the firewall through Tufin.
For how long have I used the solution?
I have been using this solution for the last three years.
What do I think about the stability of the solution?
It is very stable. It has good stability.
What do I think about the scalability of the solution?
It has very good scalability.
How are customer service and technical support?
Their technical support is good.
How was the initial setup?
Its initial deployment is not very easy. It is a little bit complex. After the deployment, it is easy to work with it in the GUI. Its deployment takes at least two or three days.
Which other solutions did I evaluate?
Customers usually evaluate AlgoSec.
What other advice do I have?
I would advise others to go for it to manage firewalls from multiple brands in a single console.
I would rate Tufin a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
Presales Network & Security Engineer at a tech services company with 51-200 employees
User-friendly, intuitive, easy to set up, with good monitoring and support
Pros and Cons
- "It allows administrators to visualize the traffic flow, and troubleshoot when necessary."
- "They need to offer more support to vendors, such as Cisco, Checkpoint, Fortinet, and Forcepoint."
What is our primary use case?
The primary use case of this solution is for monitoring, automation, policy orchestration, and security.
What is most valuable?
The most valuable feature is the monitoring. I quite enjoy the monitoring this solution provides. It allows administrators to visualize the traffic flow, and troubleshoot when necessary. It's a useful tool.
The interface is quite user-friendly and intuitive.
What needs improvement?
The cost of this solution should be improved.
They need to offer more support to vendors, such as Cisco, Checkpoint, Fortinet, and Forcepoint.
They have an API, but it needs more service on this.
While technical support is good, they could still improve.
For how long have I used the solution?
I have been working with Tufin for one year.
What do I think about the stability of the solution?
It's a stable solution. There are some bugs that they are working on but that is common with any vendor.
They do mention that they don't support specific features from Nexus for some automation but it does actually work, although it is not listed as working.
How are customer service and technical support?
Technical support is relatively good. They are not the best but they are good.
They could improve but they do respond with accurate responses.
How was the initial setup?
The initial setup was straightforward. It was deployed in less than an hour.
The first time without training, it took an hour or so, but it was quite easy.
What's my experience with pricing, setup cost, and licensing?
It's quite an expensive solution.
What other advice do I have?
I would recommend this solution to others who are interested in using it.
I have not worked with any other vendors with this type of solution, for example, FireMon. I haven't worked with it.
I would recommend it specifically to start with a secure track, which is a monitoring tool. Once the customer sees it, they want the solution. Afterward, for automation and secure change.
I would rate Tufin an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Distributor
Senior Information Security Engineer at a financial services firm with 501-1,000 employees
It allows us to evaluate and build matrices and to see how rules work with it to see whether they are secure.
Valuable Features:
We use it to track changes and the policies that we've implemented into our system.
Improvements to My Organization:
It allows us to evaluate and build matrices, and see how rules work with it to see whether they are secure.
The biggest benefit of this is that it allows us to see how security functions as a hole. Also, it lets me see where the holes are and how things function.
Room for Improvement:
The rules and configurations can be clunky. I have to wade through different things to get what I'm looking for, but the more I use, the more it makes sense to me.
Use of Solution:
The company has used it for 2 years, but I've used it for 1.
Stability Issues:
No issues with stability.
Scalability Issues:
The scalability has been great, and we've implemented it on 25 devices now.
Initial Setup:
The implementation is straightforward.
Implementation Team:
I did it in-house, but tech support helped me walk through it and find missing pieces.
Other Advice:
Try to get a training course on what it can do, so that when you go to implement it you can get the most out of it. If I had known all the features from a training class, I would have implemented it differently from the guy who did it for us.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Security Operations Engineer at a security firm with 201-500 employees
Quantifies and reduces many risks and eliminates traffic between different zones
Pros and Cons
- "I like the deployment and management of this solution."
- "In the next release I would like to see better migration in the Cloud because that will allow more visibility in the network."
What is our primary use case?
Our primary use case is fo the security of our medical facility. We have a lot of holes in the firewall and we wanted to see the details. For example, we see a lot of traffic between the different zones that we needed to reduce. So we use the solution to eliminate this traffic. It also allows us to have a lot of optimization rules for a good switching policy in the firewall.
It can quantify and reduce a lot of risks.
What is most valuable?
I like the deployment and management of this solution. I don't have much experience in that kind of security solution, but I have three years of experience in similar solutions, like AlgoSec. I do some scripts to optimize the solution, such as configuring the API.
Additionally, when we export the report, you can see a lot of logs of all the equipment in the company and we can identify some of the machines or some log station in the network. Also, the user can create some requests to implement the flow and push the rules in the firewall. You can analyze the log and the traffic, you can have a lot of API's, and do some reporting.
What needs improvement?
In the next release I would like to see better migration in the Cloud because that will allow more visibility in the network.
For how long have I used the solution?
I have been working with Tufin Orca for one year.
This solution was already deployed and we just manage it.
What do I think about the stability of the solution?
It is a stable solution.
What do I think about the scalability of the solution?
This solution is scalable.
How are customer service and technical support?
I have tons of contact with support. If you have some problems or issues you can contact support and manage the problem together. I did that with a lot of competitors, like Palo Alto on our network. If we have an issue in production, my production team will try to solve it or you can contact support to manage the issue.
I am satisfied with the support.
How was the initial setup?
The initial setup is not complex. It's easy for me because I have some experience and training on it. Now I can do a whole production on the application.
What about the implementation team?
We used an integrator for implementation because I have a colleague who has a lot more experience than me and we worked together to manage that solution.
What other advice do I have?
I would recommend this solution. I think it's a good solution to have. It is good to know what this solution does in the network. You can have a lot of training on it and see a lot of questions from different users in the company.
On a scale of one to ten, I would rate it an eight.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Group IT Governance - IT Security Engineer at a financial services firm with 10,001+ employees
It gives us a better view of the rules. We found that we can send invites to the owner of the application to find out if they still needs to use it. If they don't, we can then remove it.
Valuable Features
Being able to use tools and zero key rules, we are in a place to clean up. It is good for management because they can see exactly what is going on.
Improvements to My Organization
It gives us a better view of the rules. We found that we can send invites to the owner of the application to find out if they still needs to use it, and if they say that they don't want it, then we can observe the rule and remove it if possible.
Room for Improvement
More integrations is something that I would like to see in the future.
Stability Issues
It is very stable.
Scalability Issues
It's been able to scale for our needs. We only need to drag files for our subsidiaries into our devices, and currently we have about forty or fifty devices.
Customer Service and Technical Support
I've never contacted them directly as I go through our partner who were also the reseller.
Initial Setup
I think it was very easy. Of course the technical guy was very good. He did it in a matter of two or three days because it was a big contract.
Other Advice
We are very happy and it's a good product We take the reports, we see the zero keys, we see no rules that are not used, rules left over, I focus on those because this is my field.
Disclosure: PeerSpot contacted the reviewer to collect the review and to validate authenticity. The reviewer was referred by the vendor, but the review is not subject to editing or approval by the vendor.
Buyer's Guide
Download our free Tufin Orchestration Suite Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Popular Comparisons
FireMon Security Manager
Skybox Security Suite
Palo Alto Networks Panorama
AWS Firewall Manager
Azure Firewall Manager
ManageEngine Firewall Analyzer
Cisco Defense Orchestrator
Buyer's Guide
Download our free Tufin Orchestration Suite Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What is the biggest difference between AlgoSec and Tufin?
- Comparing network security vendors and devices
- When should companies use SSL Inspection?
- When evaluating Firewall Security Management, what aspect do you think is the most important to look for?
- What are the most important features you would be looking for in a firewall?
- How do I estimate the required firewall throughput for my organization?
- What are the pros and cons of Tufin, AlgoSec and RedSeal?
- Tasks to Perform on Preventive Maintenance.
- Why is network segmentation important?
- Can a router with automatically-created firewall access lists be considered a scrubbing center?