Tufin SecureTrack 4.2
Strengths: Appliance-based solution with great rule-base reporting.
Weaknesses: Leans heavily on Check Point compatibility.
Verdict: Good value for customers who have many Juniper, Cisco or Check Point devices.
Tufin SecureTrack 4.2 is an appliance-based security operations solution that is used to manage policies for firewalls only. The solution interface is web-based, and supports real-time monitoring, change management and reporting for Check Point, Cisco and Juniper firewall systems.
Setup for the solution required little to no effort, as the system is shipped in the form of Tufin's T-500 appliance. The interface is fairly simple in nature, and when analyzing rule bases and running reports, you're able to see the information in the firewall vendor's native style, although sample reports provided are mostly in Check Point rule format.
The interface to add new devices within the appliance is very easy to use. In a step that is familiar with network policy device solutions, we were asked to add devices and supply credentials. Although SecureTrack doesn't actually make any changes to firewall devices directly, it has the ability to actively monitor them through simple network management protocol (SNMP) traps, Check Point OPSEC and other methods. Policies are constructed based on configuration standards within the organization and are then translated to rules for SecureTrack to monitor. Although these tasks are fairly straightforward with products in this group, some additional features provide some nice value. Firewall administrators who manage many devices will benefit from the ability to analyze rule bases for optimization. Tools can be used to periodically spot-check the rule base, or re-certification of particular rules can be scheduled across one or many devices. Also, rules usage reports can tell you what rules have gone unused across your devices, as well as the most often used rules. These are nice features that can be used to re-prioritize rules up and down the list in order to enhance performance. Side by side firewall comparisons were a nice touch as well and represent the extensive reporting capabilities for policy enforcement, change management, optimization, traffic patterns, resource usage and more.
Documentation for the solution is thorough, and the support side is superb, including several webcast training clips to walk you through many administrative steps. We definitely wish more vendors would offer these walkthroughs.
The T-500 appliance with SecureTrack 4.2 starts at $10,000. Standard support is 20 percent of the total cost and premium support (24/7) is offered at 40 percent. Professional services are available from Tufin for $3,000 a day, plus expenses. Although just a tad bit pricey, customers who are running a mix of these devices in high numbers will appreciate the features.