Tufin Security Suite
Strengths: Full-scale network infrastructure change and policy management
Weaknesses: Nothing that we found
Verdict: Pricey, but absolutely worth it for its powerful functionality and excellent performance. Recommended for policy management
Tufin Security Suite is back again this year and it has some great new features onboard. It comprises SecureTrack and SecureChange and Tufin's newest offering, SecureApp. These all work together to streamline firewall, router and network infrastructure policy so that all rules are in order and compliant to the organisation's needs - without being redundant or limiting.
It is available as both a physical or virtual appliance and can integrate directly into any network environment due to the large breadth of supported products.
While this tool is quite powerful, it also requires quite a bit of configuration to do its job at the highest level. The initial setup of the appliance is done by simply connecting it to the network and accessing the web-based management console to launch the initial setup wizard. Once completed, the appliance has all the network and initial configuration settings necessary to be up and running in the network. All further configuration and management is done via the web-based management console. This single console houses the various pieces of the suite, and it is easy to jump between the applications. The console was intuitive to navigate and has an organised layout.
The high point of this product is the way that all the various parts of the suite are quite powerful by themselves, as well as together. SecureTrack allows for full auditing and management of firewalls and routers throughout the entire network infrastructure. Using this, administrators can easily find and eliminate non-compliant, broken or duplicate rules quickly and easily. SecureChange takes the audit one step further by provide change management and workflows, as well as provisioning change throughout the enterprise as needed. SecureApp goes one step beyond that to automate application access and provisioning. This allows app designers and administrators to be able to ensure that an application gets the required access to the network it needs without sacrificing security.
Documentation includes a quick-start guide and user manuals for each of the three applications. The quick-start guide focuses on getting the appliance up and running in the network and the user guides provide all of the necessary configuration information for all features and functions. All documentation was well organised and includes clear instructions and screenshots.
Tufin offers no-cost email and phone support to customers during business hours. Aid on a 24/7 basis can be purchased at an additional recurring cost. Customers can also access an online portal, which includes many resources, such as a knowledgebase and documentation downloads.
At a price of £30,000 for up to 10 managed applications, Tufin Security Suite comes with quite the price tag. However, we rate it solid value for the money based on its many advanced features and how well these are integrated. It offers a robust feature set that can help streamline network infrastructure policy, along with allowing for new applications to be easily added without any worry that security is being compromised.