Networking and IT Services Monitoring Manager at Energa SA
Real User
Top 10
2024-08-28T14:35:03Z
Aug 28, 2024
We used a version from a few years ago. So, I think my opinion would be a little outdated. Moreover, at the time, there were no huge complaints. Customizing it can be a little tricky, but that depends on your use cases.
The reporting function could improve in Tufin. For our clients with companies that have strong compliance, reporting privacy data is mostly a problem. In the IT department, private data needs a function that one person can analyze it. It requires multiple people to analyze the data. Tufin currently supports various firewall gateways, such as Checkpoint, Palo Alto, Fortinet, and Cisco. However, it would be beneficial if they expanded their support to include other security providers. For example, in Germany, government agencies often use specialized firewalling components from companies, such as Genua and Rohde & Schwarz. It would be a valuable addition for Tufin to include support for these solutions to better serve the German market.
Senior network engineer at a media company with 11-50 employees
Real User
Top 5
2023-01-18T18:15:23Z
Jan 18, 2023
We need to implement micro-segmentation in our infrastructure, and we are using Cisco ACI. However, we are facing an issue with Tufin, as it does not currently support integration with ACI for micro-segmentation, even though it is advertised as such. There should be a feature in Tufin that would make it easier to back up configurations and schedule changes, as well as make it easier to roll back changes if something goes wrong. This would make it less time-consuming and more efficient.
Senior IP Network Defense at a comms service provider with 10,001+ employees
Real User
2020-02-16T08:27:00Z
Feb 16, 2020
One area in which I need it to improve is that I need it to accommodate all the files and all the tools. For example, when I buy the firewall management tool, I want it to manage the firewall of every firewall I use across my organization. If I'm going to depend on only one vendor, and it looks likes a vendor or a catered tool, it can't help on any vendor to scan the technology and give the auditing compliance. This is something they can improve from their side. The second thing I need is that if Tufin comes and deploys their solutions on my premises, I would like to have full support from them. Unfortunately, I didn't have their full support. So what worried me is that whenever the box is no longer working, then I'm no longer going to be able to see my compliance. I know I'm not going to charge whoever is not complying on my premises. To sum up, the two main negative points with Tufin Orca are the absence of full support and that accommodation of files and tools is not provided in a good way. Additionally, what Tufin should include in the next release is the ability to see the logical bullets points. In my case, I wanted to see the physical report because when things tripped and went wrong we needed to start fixing it on the physical side. So I would like to have the physical tool policy before we can have the looks side. But on the looks side it was very good. We need to filter up to it regarding the beneficiaries in the policies. So it was very good on that side of the data, but when I'm using it as a firewall manager, and then find the firewall is down, I need to see it on the Tufin. Also, I need the capability for Tufin to start alerting me whenever there is a change on the firewall. I can say that we didn't know about that function on Tufin and when we try to communicate with the Tufin guys, they are not able to assist us on that. So we end up having someone go to our firewall and start to make a change, and we end up not having the right thing and not being able to manage our firewall accordingly. The main point of using the same tool as a firewall manager is to have the daily health check of the box.
Senior IP Network Defense at a comms service provider with 10,001+ employees
Real User
2020-02-03T09:10:16Z
Feb 3, 2020
My worry with Tufin is that it cannot connect to Fortinet, which is what I want to do. In order for this solution to be useful, it needs to be able to manage every type of firewall that I come across in my organization. I do not want to be tied to one vendor. Integration with all types of firewalls and related tools is necessary. When Tufin deploys solutions on-premises then they should provide full support, but this was not the case in my organization. The implementation, including integration with other solutions, is complex and should be simplified. I want to see the physical topology of the network in order to help with troubleshooting. I would like Tufin to alert me whenever there is a change in the firewall.
Tufin enables organizations to automate their security policy visibility, risk management, provisioning and compliance across their multi-vendor, hybrid environment. Customers gain visibility and control across their network, ensure continuous compliance with security standards and embed security enforcement into workflows and development pipelines.
While Tufin is suitable for small businesses, issues can arise in larger enterprises, particularly concerning policy-based forwarding and NAT traffic.
We used a version from a few years ago. So, I think my opinion would be a little outdated. Moreover, at the time, there were no huge complaints. Customizing it can be a little tricky, but that depends on your use cases.
The reporting function could improve in Tufin. For our clients with companies that have strong compliance, reporting privacy data is mostly a problem. In the IT department, private data needs a function that one person can analyze it. It requires multiple people to analyze the data. Tufin currently supports various firewall gateways, such as Checkpoint, Palo Alto, Fortinet, and Cisco. However, it would be beneficial if they expanded their support to include other security providers. For example, in Germany, government agencies often use specialized firewalling components from companies, such as Genua and Rohde & Schwarz. It would be a valuable addition for Tufin to include support for these solutions to better serve the German market.
We need to implement micro-segmentation in our infrastructure, and we are using Cisco ACI. However, we are facing an issue with Tufin, as it does not currently support integration with ACI for micro-segmentation, even though it is advertised as such. There should be a feature in Tufin that would make it easier to back up configurations and schedule changes, as well as make it easier to roll back changes if something goes wrong. This would make it less time-consuming and more efficient.
The reporting during the initial setup could be better by including more automation, and the pricing should be reviewed, as it is a little too high.
In the next release I would like to see better migration in the Cloud because that will allow more visibility in the network.
One area in which I need it to improve is that I need it to accommodate all the files and all the tools. For example, when I buy the firewall management tool, I want it to manage the firewall of every firewall I use across my organization. If I'm going to depend on only one vendor, and it looks likes a vendor or a catered tool, it can't help on any vendor to scan the technology and give the auditing compliance. This is something they can improve from their side. The second thing I need is that if Tufin comes and deploys their solutions on my premises, I would like to have full support from them. Unfortunately, I didn't have their full support. So what worried me is that whenever the box is no longer working, then I'm no longer going to be able to see my compliance. I know I'm not going to charge whoever is not complying on my premises. To sum up, the two main negative points with Tufin Orca are the absence of full support and that accommodation of files and tools is not provided in a good way. Additionally, what Tufin should include in the next release is the ability to see the logical bullets points. In my case, I wanted to see the physical report because when things tripped and went wrong we needed to start fixing it on the physical side. So I would like to have the physical tool policy before we can have the looks side. But on the looks side it was very good. We need to filter up to it regarding the beneficiaries in the policies. So it was very good on that side of the data, but when I'm using it as a firewall manager, and then find the firewall is down, I need to see it on the Tufin. Also, I need the capability for Tufin to start alerting me whenever there is a change on the firewall. I can say that we didn't know about that function on Tufin and when we try to communicate with the Tufin guys, they are not able to assist us on that. So we end up having someone go to our firewall and start to make a change, and we end up not having the right thing and not being able to manage our firewall accordingly. The main point of using the same tool as a firewall manager is to have the daily health check of the box.
My worry with Tufin is that it cannot connect to Fortinet, which is what I want to do. In order for this solution to be useful, it needs to be able to manage every type of firewall that I come across in my organization. I do not want to be tied to one vendor. Integration with all types of firewalls and related tools is necessary. When Tufin deploys solutions on-premises then they should provide full support, but this was not the case in my organization. The implementation, including integration with other solutions, is complex and should be simplified. I want to see the physical topology of the network in order to help with troubleshooting. I would like Tufin to alert me whenever there is a change in the firewall.