Firewall Audits

Tufin SecureTrackā„¢ maintains a continuous audit trail and provides a variety of robust, out-of-the box reports to slash audit preparation times.

PCI DSS Audits

The PCI standards provide guidelines for organizations that process card payments in order to help them prevent credit card fraud, cracking and other security threats. SecureTrack's PCI-DSS 2.0 audit report makes it fast and simple to prepare for an internal or external audit. Learn more about PCI DSS Compliance

Cisco Device Configuration Audits

SecureTrack's Device Configuration Report is specially designed for Cisco IOS routers, checking for common security settings and misconfigurations that are critical for overall device and network security.  Learn more about Cisco Device Configuration audits.

Security Risk Audits

The automated Security Risk Report instantly evaluates the current level of risk and displays your Security Score along with scoring on a prioritized list of risk factors. The report can be run at the organizational level or per gateway, and indicates risk trends in addition to the current state. You can run the Security Risk report manually or on schedule, or in response to certain configuration changes.

Best Practice Audits

Leveraging years of inside experience, Tufin has gathered many of the industry's best practices from both vendors and enterprises.  These practices can help you create security policies for your firewalls and network security devices that are secure, up-to-date, and easy to understand and maintain. You can choose from a list of generic and vendor-specific best practices and select the ones that you want to implement in your organization. The audit report describes your compliance level along with valuable mitigation information to help you rapidly address the issues.

Rulebase Audits

SecureTrack enables you to maintain a clean, tight rulebase and prove to your auditors that each rule and ACL is there for a reason and is justified by the business. SecureTrack's Rule Usage Report and Cleanup Browser provide an efficient, business-safe method to delete unused elements of a security policy including rules, ACLS and objects.

In addition, SecureTrack's rule documentation and recertification allow you to document each security rule and ACL with owners (business and technical), expiration dates and other metadata fields.

Change Authorization

SecureTrack along with SecureChange provide an automatic way to ensure that every firewall change, as well as rules and ACLs, underwent an approval process. Unauthorized changes and rules are flagged and an administrator can review and correct them. This enables you to prove to an auditor that you have full governance and a "Formal Process for Approving and Testing Network Connections and Changes" (PCI DSS requirement 1.1.1).;