Continuous Compliance

The goal of any security operation is to continuously comply with corporate and regulatory policies in order to ensure that the network is secure at all times. SecureTrack™ turns this vision into reality with ongoing, real-time monitoring of all firewall and router configuration changes. It checks every change for compliance with both your organization's policies and standards including PCI DSS.  It instantly alerts you to violations that might put your network at risk. With Continuous Compliance, SecureTrack transforms painstaking, time-consuming security audits into a simple reporting process.

Setting the Corporate Compliance Standard

The backbone of any consistent network security policy is the establishment of a corporate standard. Most companies have a security standard in document - or even verbal - form. But to make sure that the policy is carried out and enforced on a daily basis, you need a way to define and monitor it at the level of your network infrastructure. Tufin SecureTrack gives you a simple way to translate your corporate compliance strategy into a concrete policy that can be automatically monitored. Without coding, SecureTrack's Corporate Compliance Policy enables you to define connectivity that should always be allowed or always be blocked. You can even use next-generation application and user objects to define compliance policies.

Any time a firewall or router configuration change violates the corporate policy, an alert is sent out so that you can maintain continuous compliance, without waiting for the next audit.

SecureTrack also helps you define or import your network zones and enforce a zone-to-zone connectivity matrix across your firewalls and routers. 

Business Continuity and Risk Management

SecureTrack lets you define a Risk Management Policy that specifies either blacklist or whitelist connectivity, as well as permitted exceptions. This policy helps you to ensure that no changes are made that post a threat to business continuity. Any violations to the Risk Management policy trigger a compliance alert.

Continuous Compliance for PCI DSS

SecureTrack checks every change for compliance with PCI DSS and displays the current compliance posture in the PCI DSS browser. Read more about the PCI DSS browser and PCI DSS audit reports.

Audits Out of the Box

SecureTrack features a number of customizable audit reports that compress weeks of audit preparation into minutes. Read more about audit reports including the Corporate Compliance Audit, PCI DSS Audit, Best Practices audit and more.