New Version of Top-Rated Solution Also Features High
Availability and Cisco Device Configuration Reports, Extending the
ROI for Security Lifecycle Management
September 13, 2011 - Tufin Technologies
today announced version 6.0 of its award-winning Tufin Security
Suite (TSS), the combined offering of its flagship firewall
operations management and compliance product, SecureTrack™, and
SecureChange™, its security change automation solution. Version 6.0
continues Tufin's tradition of innovation: The ability to set and
enforce user and application level policies for Palo Alto Networks
Next Generation firewalls is a major market milestone, as is
Tufin's Topology Intelligence, with support for an unlimited number
of devices. Tufin's comprehensive Topology Intelligence enables
network administrators to immediately and strategically determine
what policy changes result in the most efficient path between any
given network source and destination.
"Next Generation firewalls offer many advantages over
traditional network firewalls, but they introduce additional
complexity. Tufin's ability to set and enforce polices based on
user and application data has enabled us to maximize our investment
in Next Generation firewalls and despite the added complexity, has
substantially reduced our management burden," said Alistair
Carnegie, network security analyst, Baillie Gifford. "As we
transitioned to Next Generation firewalls, we used Tufin's
Automatic Policy Generator, which added tremendous value by
enabling us to quickly populate our Next Generation firewalls with
"As a former firewall administrator, I know how hard it is to
implement and maintain effective firewall rules, and as an analyst,
I can appreciate how the increased complexity of those rule sets
impacts operations as more business applications run through the
browser," said Diana Kelley, principal, Security Curve.
"Application aware firewalls are becoming the standard, but most
organizations are still early on the migration path. Solutions that
help companies manage network and application firewall rules
effectively can reduce risk and overhead while gaining better
control over their security and compliance posture."
Key additions to TSS 6.0 include:
- Enhanced support for Next Generation
firewalls: TSS 6.0 provides deeper directory services
integration of user and application intelligence, support for
multi-dimensional Policy Analysis queries according to user and
application, and definition of Compliance Policies and Compliance
Reports such as black list and white list according to user and
application. As a result, Tufin has delivered the first Security
Lifecycle Management solution to transition from monitoring to
proactive management of Next Generation firewalls.
- Enhanced Network Topology Intelligence is
integrated into several key components of TSS, allowing security
administrators the ability to leverage security policies as a
strategic tool for controlling the flow of network traffic via a
dynamic, visual map of all devices and zones on the network.
- Cisco Device Configuration Reports: TSS's
Device Configuration Report is specially designed for Cisco routers
and switches, checking for common security settings and
misconfigurations that are critical for overall device and network
security. The report, which is in line with the CIS IOS Benchmark
and the NSA's Router Security Configuration Guide, checks for many
common security settings like SNMP settings, authentication
settings, NTP settings, unnecessary services, Syslog settings, and
- Enhanced, Graphical Policy Change Advisor with
Vendor-Specific Change Recommendations uses Tufin's
Network Topology Intelligence to provide a graphic display of
policy rules along with the full access path between any specified
source and destination. It gives security administrators
vendor-specific configuration recommendations for each of the
devices in the access path, making it much easier and faster for
administrators to fulfill change requests accurately.
- Enhanced Rule Documentation and
Recertification now includes triggered alerts and
scheduled reports for expiring rules, rule owners, or any other
- Extensive SecureChange Customization
API allows security managers to customize ticketing
workflows and integrate with additional systems. New API
capabilities include the ability to execute scripts between
workflow steps, submit requests via e-mail, and open requests from
an external system.
- Enhanced Support for Conditional
Workflows includes more options for defining the most
complex change flow scenarios. Workflows may include an instruction
to skip a step under a defined condition or to perform steps
automatically. For example, risk analysis can be performed
automatically, and according to the risk level, an approval step
may be required.
- High Availability: Tufin Security Suite
can be now configured for High Availability, providing continuous
synchronization between the primary TSS server and the secondary
TSS server. The secondary server can be deployed either locally or
in geographically remote data centers.
- T-80 Appliance: The latest addition to
the Tufin family of appliances is specifically designed for small
data centers and distributed deployments.
- Extended Support for
Multi-Tenancy: Following on the multi-domain
capabilities of SecureTrack, SecureChange now supports multiple
tenants and domains. Service providers and large enterprises can
handle tickets from different business units, data centers or
customers securely. SecureChange automatically associates every
change ticket to the correct domain context and maintains full
segregation of data between domains. Each requestor only sees the
devices and objects in the domains to which he/she belongs.
"We are proud of the ground we have broken with TSS 6.0," said
Ruvi Kitov, CEO, Tufin Technologies. "Not only do we lower the cost
and ease much of the management burden associated with moving to
and managing Next Generation firewalls, but our customers tell us
that the other capabilities we have delivered played a crucial role
in enabling them to successfully meet their compliance, security
and operational objectives. As long as we keep customer
satisfaction our number one priority while delivering real
innovation in our products, we are confident we will continue our
strong growth and momentum."
Pricing and Availability
TSS 6.0 is available immediately. Pricing starts at $20,000.
About Tufin Technologies
Tufin™ is the leading provider of Security Lifecycle Management
solutions that enable companies to cost-effectively manage their
network security policy, comply with regulatory standards, and
minimize IT risk. With the award-winning Tufin Security Suite,
security teams are successfully managing firewall operations and
performing audits and risk assessments - often in half the time.
Founded in 2005 by leading firewall and business systems experts,
Tufin serves more than 800 customers in industries from telecom and
financial services to energy, transportation and pharmaceuticals.
Tufin partners with leading vendors including Check Point, Cisco,
Juniper Networks, Palo Alto Networks, Fortinet, F5, Blue Coat,
McAfee and BMC Software, and is known for technological innovation
and dedicated customer service.
For more information visit www.tufin.com, or follow Tufin