Tufin Orchestration Suite
Strengths: Solid security policy automation for network devices.
Weaknesses: None that we found.
Verdict: A strong tool from a company whose products we have liked before. This is worth a close look. Recommended.
Another year and another version of Tufin. This year, users will notice that it is sporting a new name. It is now called the Tufin Orchestration Suite. Along with the new name there are some great new features, but more on that shortly. First, for those who are not familiar with the Tufin appliance here is a rundown. The Tufin Orchestration Suite feature three modules - SecureTrack, SecureChange and SecureApp - for managing security and compliance policies on network devices, such as routers, switches and firewalls. All these modules work in tandem to provide a comprehensive suite to ensure all network devices are kept secure without the clutter of unnecessary and unneeded rules.
The initial setup of the appliance is done by connecting it to the network and running through a short setup wizard. Once the wizard is complete the appliance is accessible on the network and can be managed from the web-based management console. Not much has changed in the look of the console from last year and we still found it just as easy to navigate via its intuitive look. All the components of the suite are combined in the single interface which makes jumping between them quick and easy.
As this suite has grown over the years so has the integration of the features. We are now finding this product starting to become more and more of a way of completely automating security policy management of network devices. SecureTrack allows for tracking of security policy and includes tools for auditing and cleaning up unneeded or obsolete rules throughout the environment. SecureChange offers a platform for automating policy changes and includes a simulation engine which can show the impact of a change before it is made. Finally, by monitoring application connectivity status and decommissioning outdated and obsolete connections SecureApp helps in allowing applications the network access they need without compromising security policy. Additionally, SecureApp can now automate the repair of broken application connections, ensuring that applications keep the network access they need to function.
Documentation included a short quick-start guide and PDF user guides for each of the three components of the suite. The quick-start guide detailed the steps necessary to get the appliance up and running in the network, and the user guides offered an excellent amount of detail on configuring and using the product features. We found all documentation to be well-organized and to include clear, step-by-step instructions and many screen shots and diagrams.
Tufin offers no-cost email- and phone-based technical support to all customers. Customers requiring 24/7 assistance can purchase a premium plan at an additional cost. Tufin also provides an online portal to customers with a knowledge base and technical documentation.
At a price of $45,000, this appliance sits at the top of the cost scale. However, we still found the Tufin Orchestration Suite to be an excellent value for the money due to its overall cost of ownership against the value returned. This product features a comprehensive feature set, robust policy engine and solid automation tools. All of this functionality is wrapped up in an easy-to-use and easy-to-manage appliance.