The most valuable feature of Tufin is security auditing. We are able to check the rules and compliance of the company, for example, what is allowed or not. We are able to check the rules over different gateways and set over firewalls.
Information Technology Graduate at a computer software company with 10,001+ employees
Real User
2021-04-15T13:21:59Z
Apr 15, 2021
Visibility is its largest and most valuable feature. You can see everything or all the devices on the network for each customer. It provides you a larger view of what might be wrong with the network and how you can improve it with firewall rules, etc.
If you are talking about secure change, being able to automate the entire change process is pretty much the winner for us. It is going to really reduce the time that it takes for us to do changes, and we can just go out and get more customers.
Manager of Security Engineering at Global Payments Inc.
Real User
2019-07-18T09:23:00Z
Jul 18, 2019
It is a great solution. If you have all the devices and firewalls in place, the amount of details that you get along with the network topology is very good.
This solution helps us ensure that security policy is followed across our entire hybrid network. You can have a Unified Security Policy which reaches across all networks, so if you are having a change submitted, it doesn't matter if you're enforcing it or not. You can get an alert saying, "This is a violation." That's a value-add.
CyberSecurity Supervisor at a energy/utilities company with 10,001+ employees
Real User
2019-07-18T08:39:00Z
Jul 18, 2019
A customer is able to submit a request for access and Tufin will automatically analyze the system to find out where the rule needs to go, and then design the rule for you.
The change workflow process is very easy to customize. You can do a workflow however you want, so you can have an approval every single step. Or, you can remove approvals on certain steps, automating some steps.
Senior Network Engineer at a financial services firm with 10,001+ employees
Real User
2019-07-18T08:39:00Z
Jul 18, 2019
The best feature for me is being able to look up objects within all of our policies, because we have a little over 12,000 rules and over 30,000 objects. When one person says, 'Hey, where's my server?' I can just go to Tufin and say, 'Hey, where is that server?' and very quickly it tells you where it is, what policy it's on. That is a life saver.
We use Tufin to clean up our firewall policies because it is so fast. A report about compliance and the clean-up process used to take about one month up before. With Tufin, it takes only one day.
There are a lot of benefits to using the reporting. It gives us duplicate objects, duplicate services, shadow firewall rules, and the firewall rules not needed for a given number of days or months.
This solution has helped us to meet our compliance mandates. We implemented the Unified Security Policy (USP). This helped enforce what compliance requirements that we had. We have mitigated and remediated issues that have been brought forth due to that USP showing us issues.
Team Lead of Border Protection at a manufacturing company with 1,001-5,000 employees
Real User
2019-07-18T08:39:00Z
Jul 18, 2019
The biggest benefit for us was the time frame to complete a ticket. It went from approximately a week and a half to two weeks down to about three days.
Senior Network Security Engineer at a retailer with 10,001+ employees
Real User
2019-07-18T08:39:00Z
Jul 18, 2019
Comparing the rules and policy browser is valuable to me. It gives me the ability to pull running configs and be able to analyze them without having to go directly into the firewall.
Associate Director Program Management at a pharma/biotech company with 10,001+ employees
Real User
2019-07-18T08:39:00Z
Jul 18, 2019
We were hit by the NotPetya attack. Therefore, our whole company and all its sites were down for several months. So, you don't have an attack like that and not need something like Tufin. Other companies can prevent these attacks, or at least slow them down, by having this type of a tool. We will never go back.
Network Engineer at a energy/utilities company with 10,001+ employees
Real User
2019-07-18T08:39:00Z
Jul 18, 2019
Our engineers are spending less time on manual processes, specifically for the reporting functionality. For doing the rule cleanup and policy analysis, it would be a nightmare to do that manually. So, it is saving our engineering teams time from not having to do manual log reviews.
Lead Engineer at a insurance company with 1,001-5,000 employees
Real User
2019-07-18T08:39:00Z
Jul 18, 2019
It provides a real-time sense of how the policies are configured and whether there are any shadow rules. Another great thing is that it provides greater reporting based on how the rules have been set up.
Network Engineer at a healthcare company with 10,001+ employees
Real User
2019-07-18T08:39:00Z
Jul 18, 2019
One of the biggest quick wins that we had with Tufin was cleaning up our firewall policies and rules. We cleaned out a lot of rules which helped our devices, longevity-wise, as well as speed-wise.
Network Engineer Lead at a energy/utilities company with 10,001+ employees
Real User
2019-07-18T08:39:00Z
Jul 18, 2019
The visibility is huge. In order to figure out what was going on previously, we would have to pull stuff out of firewalls and put them in spreadsheets, then do sorts. Now, it's all right there in Tufin. We can write reports to look for what we need, ad hoc searches to find object groups, and know which firewalls are on. This was almost impossible to do previously.
Network Engineer at a healthcare company with 10,001+ employees
Real User
2019-07-18T08:39:00Z
Jul 18, 2019
It's hard to pick the most valuable feature. All of them are valuable, they're all critical for us... ChangeTrack obviously has a lot of very good features, like the risk analysis, the USP, and the Policy Browser.
Network Security Operations at a insurance company with 10,001+ employees
Real User
2019-07-18T08:39:00Z
Jul 18, 2019
We use this product to sharpen our change cycle. A request used to take quite a while as we did manual assessments. A lot of that is now done through SecureTrack.
The automation piece is the most valuable feature: having SecureChange make the change on the firewalls, instead of my having to go manually make the changes on the vendor product.
Security Analyst at a retailer with 10,001+ employees
Real User
2019-07-18T08:39:00Z
Jul 18, 2019
It provides a comprehensive overview of what our network looks like in terms of what is allowed and what is not, then how the traffic' is flowing with the Network Topology Map.
Change Manager at a pharma/biotech company with 10,001+ employees
Real User
2019-07-18T08:39:00Z
Jul 18, 2019
One of the things that came up this week was the ability to decommission a server, which we thought was interesting. We had a workshop recently that talked about all the things that need to be thought about when managing firewalls. People said, "A lot of times, things get forgotten when you are decommissioning a server." E.g., making sure rules are taken away and taking out the rule set. The fact that there is an automated workload for that can be helpful.
We use Tufin to clean up our firewall policies. It benefits us, because you can run a query for whatever your cleanup criteria is, e.g., "Has it been hit in 90 days?" It displays the list, then you can see the rules right there. If you want to get rid of it (or highlight it), then it creates a ticket that goes ahead and flags them all as disabled. While you can delete them, we always disable first. Then, we have a strip that comes back, and if it's been disabled for 90 days, then the system will remove them.
This solution has helped our clients because it allows them to leverage the tools so that they can actually reduce their overall expenses for the environment.
This solution has helped us with compliance because we're able to map out certain firewall rules against compliance requirements, and we're able to write reports to show us exactly what our firewalls look like in those areas.
Network/Security Engineer at a leisure / travel company with 51-200 employees
Real User
2019-05-02T07:06:00Z
May 2, 2019
The change workflow process is flexible and customizable... If we have a firewall completed and we want to redo it, if we need to re-engineer a particular firewall and open a different destination, we can do that by creating a break-fix... That is one of its useful tools.
Network Architect at a transportation company with 10,001+ employees
Real User
2019-04-03T05:29:00Z
Apr 3, 2019
SecureChange is the most interesting part. It all comes down to having the user request firewall access and SecureChange, based on workflows, takes care of it, sending two or three emails to the business approvers. With one click, you can automate a firewall rule.
Cyber Security Engineer at a healthcare company with 10,001+ employees
Real User
2019-02-12T10:29:00Z
Feb 12, 2019
We find it to be flexible. If we have a change that needs to be done, it will go ahead and do it for all our devices, regardless of the manufacturer that we have associated with it.
The automation because it is saving a lot of work, time, and effort required to do all of our manual work. The change impact analysis is pretty good, and with the automation, it takes care of a lot of things which we would be doing manually.
Security Engineering at a financial services firm with 10,001+ employees
Real User
2019-02-12T10:29:00Z
Feb 12, 2019
We just got done with major audits. Tufin was able to provide information to give back to people, and say, "Hey, this is what I need to do, and what we're doing."
Senior Information Security Architect at First Citizens Bank
Real User
2019-02-12T10:29:00Z
Feb 12, 2019
One of the main things is to look at what policies haven't been hit, so we can remove those remnant policies when people come in, use it, and it's still left on the Check Point. So when a couple of users say, "This is not needed anymore." We'll remove it.
It provides a great visibility around the roots: Root implementing which can be done, roots that have changed, and what has been done. So, it's pretty useful when you have an audit going on.
IT Manager at a financial services firm with 10,001+ employees
Real User
2019-02-12T10:29:00Z
Feb 12, 2019
It has helped us to meet our compliance mandates. We have some requirements that we need to provide more visibility on the risk levels of our firewall base and Tufin helped us with that requirement.
Manager at a manufacturing company with 10,001+ employees
Real User
2019-02-12T10:29:00Z
Feb 12, 2019
The change workflow process is flexible and customizable. We have one guy who has never logged into Tufin ever in his life. He sits down and in 30 minutes had written an automation routine, then went back and changed it. He did that with no training. For me, that is a major benefit.
My team uses it heavily to audit the changes made by junior engineers, going back and figuring out what they messed up, and correcting their mistakes. We generate reports for customer compliance and audits, as well as for regulatory audits.
Network Engineer at a tech services company with 11-50 employees
Consultant
2018-07-30T09:01:00Z
Jul 30, 2018
Valuable features include a central pane of management for all the firewalls and the ability to do queries on the rules and understand in which files the rules are configured.
Tufin enables organizations to automate their security policy visibility, risk management, provisioning and compliance across their multi-vendor, hybrid environment. Customers gain visibility and control across their network, ensure continuous compliance with security standards and embed security enforcement into workflows and development pipelines.
The most valuable feature of Tufin is security auditing. We are able to check the rules and compliance of the company, for example, what is allowed or not. We are able to check the rules over different gateways and set over firewalls.
The most valuable feature of Tufin is we have better visibility and management of our file infrastructure.
The most valuable feature of Tufin is rule analysis.
The solution is good, and no clients complained about it.
They have very good responses regarding integration and internalization with open tickets.
It is very stable.
We can check and analyze the current status of our firewall rules.
The Automatic Policy Generator and Cleanup functions including the Rule and Object Usage Reports are super valuable to my customers.Â
Tufin makes quick work of firewall tasks that used to take several days, if not weeks!
Policy management and the cartography of the network have been the most valuable features.
The clarity around the auditing provides the most value for us.
All the basic functions work well.
The technical support is pretty good.
Visibility is its largest and most valuable feature. You can see everything or all the devices on the network for each customer. It provides you a larger view of what might be wrong with the network and how you can improve it with firewall rules, etc.
If you are talking about secure change, being able to automate the entire change process is pretty much the winner for us. It is going to really reduce the time that it takes for us to do changes, and we can just go out and get more customers.
The solution is quite scalable.
It allows administrators to visualize the traffic flow, and troubleshoot when necessary.
The most valuable feature is alerting, which lets me know when someone has made a change.
The filtering of lots of criteria is very valuable.
The automated reporting on a regular basis is helping us to be compliant with legal requirements.
The Automatic Policy Generator saves time because we are able to identify the required policy when a client doesn't know what he needs.
Tufin assists us in maintaining a robust view of our internal network topology.
It is a great solution. If you have all the devices and firewalls in place, the amount of details that you get along with the network topology is very good.
This solution helps us ensure that security policy is followed across our entire hybrid network. You can have a Unified Security Policy which reaches across all networks, so if you are having a change submitted, it doesn't matter if you're enforcing it or not. You can get an alert saying, "This is a violation." That's a value-add.
A customer is able to submit a request for access and Tufin will automatically analyze the system to find out where the rule needs to go, and then design the rule for you.
The change workflow process is very easy to customize. You can do a workflow however you want, so you can have an approval every single step. Or, you can remove approvals on certain steps, automating some steps.
In our current environment, the most valuable feature from Tufin is their Network Map.
The best feature for me is being able to look up objects within all of our policies, because we have a little over 12,000 rules and over 30,000 objects. When one person says, 'Hey, where's my server?' I can just go to Tufin and say, 'Hey, where is that server?' and very quickly it tells you where it is, what policy it's on. That is a life saver.
We use Tufin to clean up our firewall policies because it is so fast. A report about compliance and the clean-up process used to take about one month up before. With Tufin, it takes only one day.
There are a lot of benefits to using the reporting. It gives us duplicate objects, duplicate services, shadow firewall rules, and the firewall rules not needed for a given number of days or months.
This solution has helped us to meet our compliance mandates. We implemented the Unified Security Policy (USP). This helped enforce what compliance requirements that we had. We have mitigated and remediated issues that have been brought forth due to that USP showing us issues.
The biggest benefit for us was the time frame to complete a ticket. It went from approximately a week and a half to two weeks down to about three days.
Comparing the rules and policy browser is valuable to me. It gives me the ability to pull running configs and be able to analyze them without having to go directly into the firewall.
Tufin has made handling firewall rule request tickets more centralized and easier to manage.
We were hit by the NotPetya attack. Therefore, our whole company and all its sites were down for several months. So, you don't have an attack like that and not need something like Tufin. Other companies can prevent these attacks, or at least slow them down, by having this type of a tool. We will never go back.
Our engineers are spending less time on manual processes, specifically for the reporting functionality. For doing the rule cleanup and policy analysis, it would be a nightmare to do that manually. So, it is saving our engineering teams time from not having to do manual log reviews.
It gives our firewall administrators visibility into the total infrastructure.
It provides a real-time sense of how the policies are configured and whether there are any shadow rules. Another great thing is that it provides greater reporting based on how the rules have been set up.
One of the biggest quick wins that we had with Tufin was cleaning up our firewall policies and rules. We cleaned out a lot of rules which helped our devices, longevity-wise, as well as speed-wise.
The visibility is huge. In order to figure out what was going on previously, we would have to pull stuff out of firewalls and put them in spreadsheets, then do sorts. Now, it's all right there in Tufin. We can write reports to look for what we need, ad hoc searches to find object groups, and know which firewalls are on. This was almost impossible to do previously.
It's hard to pick the most valuable feature. All of them are valuable, they're all critical for us... ChangeTrack obviously has a lot of very good features, like the risk analysis, the USP, and the Policy Browser.
We use this product to sharpen our change cycle. A request used to take quite a while as we did manual assessments. A lot of that is now done through SecureTrack.
This solution has helped us meet our compliance mandates. Everything is all auditable. Every change is tracked down to the person and time.
The automation piece is the most valuable feature: having SecureChange make the change on the firewalls, instead of my having to go manually make the changes on the vendor product.
It provides a comprehensive overview of what our network looks like in terms of what is allowed and what is not, then how the traffic' is flowing with the Network Topology Map.
One of the things that came up this week was the ability to decommission a server, which we thought was interesting. We had a workshop recently that talked about all the things that need to be thought about when managing firewalls. People said, "A lot of times, things get forgotten when you are decommissioning a server." E.g., making sure rules are taken away and taking out the rule set. The fact that there is an automated workload for that can be helpful.
I don't think that we were ever slow, but we can now say that changes are completed within twenty-four hours.
Tufin is the only multi-vendor firewall tool that is available, and it helps to bring everything together and report on what all of the rules are.
The reports that this solution provides are very useful.
The time that we require to makes changes has been reduced from weeks to days.
We use Tufin to clean up our firewall policies. It benefits us, because you can run a query for whatever your cleanup criteria is, e.g., "Has it been hit in 90 days?" It displays the list, then you can see the rules right there. If you want to get rid of it (or highlight it), then it creates a ticket that goes ahead and flags them all as disabled. While you can delete them, we always disable first. Then, we have a strip that comes back, and if it's been disabled for 90 days, then the system will remove them.
The most valuable features are the GUI interface and the API.
The most valuable feature of this solution is that it reduces both the time required and the number of errors when making changes.
The APIs are the most valuable feature of this solution, as they facilitate integration with ServiceNow and other solutions.
The most valuable feature are role and objects usage for individual objects and app usage.
Our engineers save quite a bit of time that was previously spent on manual processes.
This has helped us to better clean up and audit changes to the firewall policy.
This solution has helped our clients because it allows them to leverage the tools so that they can actually reduce their overall expenses for the environment.
This solution has helped us with compliance because we're able to map out certain firewall rules against compliance requirements, and we're able to write reports to show us exactly what our firewalls look like in those areas.
This solution provides a more organized manner for us to track towards compliance for our PCI audits.
The most valuable feature is that it extends security entries in the firewall policies.
The most valuable feature is the reporting of our risk poster in our firewall.
I like the fact that Tufin was able to integrate with our firewalls, which include Palo Alto and FortiGate.
The change workflow process is flexible and customizable... If we have a firewall completed and we want to redo it, if we need to re-engineer a particular firewall and open a different destination, we can do that by creating a break-fix... That is one of its useful tools.
The most valuable features are the Security Risks and Best Practices reporting/Rule base cleanup.
SecureChange is the most interesting part. It all comes down to having the user request firewall access and SecureChange, based on workflows, takes care of it, sending two or three emails to the business approvers. With one click, you can automate a firewall rule.
The most valuable function is the SecureChange where it is able to automate everything from the validation of the rules to the pushing of the rules.
We have a better view of our compliance status.
We've scaled it to hundreds of firewalls.
It has allowed us to be more efficient in our processing of firewall requests.
The visibility is very good. We have managers who are overseeing it, and they are approving things through it.
We find it to be flexible. If we have a change that needs to be done, it will go ahead and do it for all our devices, regardless of the manufacturer that we have associated with it.
The product streamlines our change management process.
The automation because it is saving a lot of work, time, and effort required to do all of our manual work. The change impact analysis is pretty good, and with the automation, it takes care of a lot of things which we would be doing manually.
We can get reports with Tufin at anytime. We can have automated reports, even with security and compliance.
Its ability to detect changes within our firewall.
We just got done with major audits. Tufin was able to provide information to give back to people, and say, "Hey, this is what I need to do, and what we're doing."
Tufin allows our say junior guys to learn how to view policies. It gives them a tool that will help them consolidate and optimize.
One of the main things is to look at what policies haven't been hit, so we can remove those remnant policies when people come in, use it, and it's still left on the Check Point. So when a couple of users say, "This is not needed anymore." We'll remove it.
We are able to stay compliant with many of the regulations.
It provides a great visibility around the roots: Root implementing which can be done, roots that have changed, and what has been done. So, it's pretty useful when you have an audit going on.
SecureChange makes our lives easier with automation.
The solution helps us meet our compliance needs.
It has helped us to meet our compliance mandates. We have some requirements that we need to provide more visibility on the risk levels of our firewall base and Tufin helped us with that requirement.
The change workflow process is flexible and customizable. We have one guy who has never logged into Tufin ever in his life. He sits down and in 30 minutes had written an automation routine, then went back and changed it. He did that with no training. For me, that is a major benefit.
My team uses it heavily to audit the changes made by junior engineers, going back and figuring out what they messed up, and correcting their mistakes. We generate reports for customer compliance and audits, as well as for regulatory audits.
Tufin is our audit trail for all changes. We have to be PCI compliant, and it's the tool we go to for enforcing PCI on the network side.
The initial setup was straightforward.
Tufin has improved my organization with its configuration management. It has tremendously improved the operation's success and has made life easier.
The policy overview is valuable.
The designer gives the ability to know where to add a rule, or if the rule is already in place.
Valuable features include a central pane of management for all the firewalls and the ability to do queries on the rules and understand in which files the rules are configured.
We are able to discover firewall rules that are too broad and widen the security footprint.