Tufin Delivers Best-In-Class Network Topology Intelligence and The First Firewall Management Solution to Enforce User and Application Level Firewall Policies

New Version of Top-Rated Solution Also Features High Availability and Cisco Device Configuration Reports, Extending the ROI for Security Lifecycle Management

September 13, 2011 - Tufin Technologies today announced version 6.0 of its award-winning Tufin Security Suite (TSS), the combined offering of its flagship firewall operations management and compliance product, SecureTrack™, and SecureChange™, its security change automation solution. Version 6.0 continues Tufin's tradition of innovation: The ability to set and enforce user and application level policies for Palo Alto Networks Next Generation firewalls is a major market milestone, as is Tufin's Topology Intelligence, with support for an unlimited number of devices. Tufin's comprehensive Topology Intelligence enables network administrators to immediately and strategically determine what policy changes result in the most efficient path between any given network source and destination.

"Next Generation firewalls offer many advantages over traditional network firewalls, but they introduce additional complexity. Tufin's ability to set and enforce polices based on user and application data has enabled us to maximize our investment in Next Generation firewalls and despite the added complexity, has substantially reduced our management burden," said Alistair Carnegie, network security analyst, Baillie Gifford. "As we transitioned to Next Generation firewalls, we used Tufin's Automatic Policy Generator, which added tremendous value by enabling us to quickly populate our Next Generation firewalls with optimized policies."

"As a former firewall administrator, I know how hard it is to implement and maintain effective firewall rules, and as an analyst, I can appreciate how the increased complexity of those rule sets impacts operations as more business applications run through the browser," said Diana Kelley, principal, Security Curve. "Application aware firewalls are becoming the standard, but most organizations are still early on the migration path. Solutions that help companies manage network and application firewall rules effectively can reduce risk and overhead while gaining better control over their security and compliance posture."

Key additions to TSS 6.0 include:

  • Enhanced support for Next Generation firewalls: TSS 6.0 provides deeper directory services integration of user and application intelligence, support for multi-dimensional Policy Analysis queries according to user and application, and definition of Compliance Policies and Compliance Reports such as black list and white list according to user and application. As a result, Tufin has delivered the first Security Lifecycle Management solution to transition from monitoring to proactive management of Next Generation firewalls.
  • Enhanced Network Topology Intelligence is integrated into several key components of TSS, allowing security administrators the ability to leverage security policies as a strategic tool for controlling the flow of network traffic via a dynamic, visual map of all devices and zones on the network.
  • Cisco Device Configuration Reports: TSS's Device Configuration Report is specially designed for Cisco routers and switches, checking for common security settings and misconfigurations that are critical for overall device and network security. The report, which is in line with the CIS IOS Benchmark and the NSA's Router Security Configuration Guide, checks for many common security settings like SNMP settings, authentication settings, NTP settings, unnecessary services, Syslog settings, and more.
  • Enhanced, Graphical Policy Change Advisor with Vendor-Specific Change Recommendations uses Tufin's Network Topology Intelligence to provide a graphic display of policy rules along with the full access path between any specified source and destination. It gives security administrators vendor-specific configuration recommendations for each of the devices in the access path, making it much easier and faster for administrators to fulfill change requests accurately.
  • Enhanced Rule Documentation and Recertification now includes triggered alerts and scheduled reports for expiring rules, rule owners, or any other documentation field.
  • Extensive SecureChange Customization API allows security managers to customize ticketing workflows and integrate with additional systems. New API capabilities include the ability to execute scripts between workflow steps, submit requests via e-mail, and open requests from an external system.
  • Enhanced Support for Conditional Workflows includes more options for defining the most complex change flow scenarios. Workflows may include an instruction to skip a step under a defined condition or to perform steps automatically. For example, risk analysis can be performed automatically, and according to the risk level, an approval step may be required.
  • High Availability: Tufin Security Suite can be now configured for High Availability, providing continuous synchronization between the primary TSS server and the secondary TSS server. The secondary server can be deployed either locally or in geographically remote data centers.
  • T-80 Appliance: The latest addition to the Tufin family of appliances is specifically designed for small data centers and distributed deployments.
  • Extended Support for Multi-Tenancy: Following on the multi-domain capabilities of SecureTrack, SecureChange now supports multiple tenants and domains. Service providers and large enterprises can handle tickets from different business units, data centers or customers securely. SecureChange automatically associates every change ticket to the correct domain context and maintains full segregation of data between domains. Each requestor only sees the devices and objects in the domains to which he/she belongs.

"We are proud of the ground we have broken with TSS 6.0," said Ruvi Kitov, CEO, Tufin Technologies. "Not only do we lower the cost and ease much of the management burden associated with moving to and managing Next Generation firewalls, but our customers tell us that the other capabilities we have delivered played a crucial role in enabling them to successfully meet their compliance, security and operational objectives. As long as we keep customer satisfaction our number one priority while delivering real innovation in our products, we are confident we will continue our strong growth and momentum."

Pricing and Availability
TSS 6.0 is available immediately. Pricing starts at $20,000.

About Tufin Technologies

Tufin™ is the leading provider of Security Lifecycle Management solutions that enable companies to cost-effectively manage their network security policy, comply with regulatory standards, and minimize IT risk. With the award-winning Tufin Security Suite, security teams are successfully managing firewall operations and performing audits and risk assessments - often in half the time. Founded in 2005 by leading firewall and business systems experts, Tufin serves more than 800 customers in industries from telecom and financial services to energy, transportation and pharmaceuticals. Tufin partners with leading vendors including Check Point, Cisco, Juniper Networks, Palo Alto Networks, Fortinet, F5, Blue Coat, McAfee and BMC Software, and is known for technological innovation and dedicated customer service.

For more information visit www.tufin.com, or follow Tufin on:

10.35.4.249;