Tufin SecureTrackā¢ maintains a continuous audit trail and
provides a variety of robust, out-of-the box reports to slash audit
preparation times.
PCI DSS Audits
The PCI standards provide guidelines for organizations that
process card payments in order to help them prevent credit card
fraud, cracking and other security threats. SecureTrack's
PCI-DSS 2.0 audit report makes it fast and simple to prepare for an
internal or external audit. Learn more about PCI DSS
Compliance.
Cisco Device Configuration Audits
SecureTrack's Device Configuration Report is specially designed
for Cisco IOS routers, checking for common security settings
and misconfigurations that are critical for overall device and
network security. Learn more about Cisco
Device Configuration audits.
Security Risk Audits
The automated Security Risk Report instantly evaluates the
current level of risk and displays your Security Score along with
scoring on a prioritized list of risk factors. The report can be
run at the organizational level or per gateway, and indicates risk
trends in addition to the current state. You can run the Security
Risk report manually or on schedule, or in response to certain
configuration changes.
Best Practice Audits
Leveraging years of inside experience, Tufin has gathered many
of the industry's best practices from both vendors and
enterprises. These practices can help you create security
policies for your firewalls and network security devices that are
secure, up-to-date, and easy to understand and maintain. You can
choose from a list of generic and vendor-specific best practices
and select the ones that you want to implement in your
organization. The audit report describes your compliance level
along with valuable mitigation information to help you rapidly
address the issues.
Rulebase Audits
SecureTrack enables you to maintain a clean, tight rulebase and
prove to your auditors that each rule and ACL is there for a reason
and is justified by the business. SecureTrack's Rule Usage
Report and Cleanup Browser provide an efficient, business-safe
method to delete unused elements of a security policy including
rules, ACLS and objects.
In addition, SecureTrack's rule documentation and
recertification allow you to document each security rule and ACL
with owners (business and technical), expiration dates and other
metadata fields.
Change Authorization
SecureTrack along with SecureChange provide an automatic way to
ensure that every firewall change, as well as rules and ACLs,
underwent an approval process. Unauthorized changes and rules are
flagged and an administrator can review and correct them. This
enables you to prove to an auditor that you have full governance
and a "Formal Process for Approving and Testing Network
Connections and Changes" (PCI DSS requirement 1.1.1).
