Corporate Compliance

Setting the Corporate Standard

The backbone of any consistent network security policy is the establishment of a corporate standard. Most companies have a security standard in document, or even verbal form. But to make sure that policy is carried out and enforced on a daily basis, you need a way to define and monitor it at the level of your network infrastructure.

Define and Monitor Your Corporate Compliance Policy

Tufin SecureTrack gives you a simple way to translate your corporate compliance strategy into a concrete policy that you can automatically monitor. Without coding, SecureTrack’s Corporate Compliance Policy enables you to define traffic that should always be allowed, or always be blocked. You can even use next-generation application and user objects to define compliance policies.

Any time a firewall or router configuration change violates the corporate policy, an alert is sent out so that you can maintain continuous compliance, without waiting for the next audit.

Business Continuity and Risk Management

Tufin also lets you define a Risk Management Policy that specifies either blacklist or whitelist traffic, as well as permitted exceptions. This policy helps you to ensure that no changes are made that post a threat to business continuity. Any violations to the Risk Management policy trigger a compliance alert.

Comprehensive Reporting

The Compliance Policy Report shows the current security policy configuration in comparison to the Corporate Compliance and Risk Management policies. In addition the Security Risk Report gives you a high-level view of the security posture, including your compliance policies.