Tufinnovate Americas 2020: The New Normal

Last updated February 15th, 2023 by Susan Rivera

Events

Tufinnovate is back for its fourth year, and this year our annual user conference is taking place virtually. To kick off the event, we heard from CEO Ruvi Kitov on how moving to a fully remote team impacted Tufin customers. Many organizations needed to get thousands of employees working remotely within days. One customer shared, “We were asked to do in two weeks, what was planned to take two years.”

To enable the transition to work from home, many organizations put the rulebook to the side and did things differently this time. As we heard from customers during the panel discussion, those who leveraged Tufin prior to the shift were able to meet the challenge and ensure that their new normal is as secure as it was pre-Covid.

Ruvi wrapped up his session by asking the question, “Where will we – and our customers – be five years from now?”

All large organizations will have a hybrid network and use multi-cloud, making their environments even more complex and fragmented than they are today. Our focus is to simplify and manage hybrid network complexity across all platforms: multi-vendor and multi-cloud (on-prem, private cloud, and public cloud). Tufin will also continue to deliver advanced automation to support business agility. Tufin is developing other innovative solutions as well, but we can’t give away all our secrets!

Are firewalls going away?

Next up, CTO Reuven Harrison takes on the controversial question, “Are firewalls going away?”

Over the last several years, there has been an ongoing debate about the relevance of firewalls as security controls and the argument that the industry should move away from firewalls and embrace application security as the solution.

Where do we see firewalls? There are firewalls at the perimeter, internal firewalls to segment between zones, firewalls in the cloud, firewalls as a service, and firewalls for north/south connectivity. And that’s just the beginning! Reuven discusses many other solutions that are not traditionally considered firewalls but that do, in fact, serve as a firewall. Reuven states that a firewall is anything that enforces a policy of who can talk to whom and what can talk to what.

As you can see, that’s quite a lot of firewalls. Not only have firewalls not gone away, but in fact, we’re seeing more firewalls than ever before.

All firewalls have policies, and as we know, policies are difficult to manage.

That brings us back to the claim that application security is the solution. Reuven explains that we would have to put all our trust in application developers for security. However, developers aren’t experts on security, they don’t think like an attacker, and furthermore, they’re measured on velocity, not security. As a result, development often contradicts security in order to get a new application out as quickly as possible.

There must be a different way to balance security with the business.

A new concept that Reuven has bult into Tufin’s solutions is to align developer processes with security processes – embed security into the CI/CD pipeline. This is known as the concept of Test-Driven Development. Every piece of code written must be tested and can generate security policies on the fly at the speed of development.

Reuven ends his session with a reminder to all the security managers out there: treat your security policy as a first-class citizen.

Customer case study and panel discussion

Intercontinental Exchange’s (ICE) use of Tufin illustrates how the company’s APIs allow organizations to customize the solution based on their needs. Prior to adopting Tufin, the main challenges that ICE faced were the growing number of firewall rule requests as well as the need to ensure that network complexity does not impact quality of service. Using Tufin APIs, they now have the ability to check if access is allowed, implement firewall rules, and review/assess ACL changes.

ICE initially deployed Tufin as a “steppingstone to automation.” After realizing the benefits of this technology, they’re now asking themselves, “Can we achieve full automation?”

We also heard from other Tufin customers during the customer panel. Of course, one of the key topics was the drastic shift in remote work due to the Covid-19 pandemic. While the panelists discussed how the transition was fairly easy for their organizations, they’re now taking a step back to reassess in terms of risk. When looking at what the future holds in terms of remote work, the panelists also said they’re exploring further use of automation as a way to eliminate manual processes and do more with less.

Another hot topic was Zero Trust. Interestingly, we heard two somewhat opposite viewpoints. While one customer recommended starting small, another customer said he doesn’t have a portion of the network that lends itself to starting small. This particular customer is working with Tufin on moving to the cloud. Another customer discussed how they leveraged Tufin’s unified security policy (USP) to clean up old rules, make them more secure, and begin the process of moving to a Zero Trust policy.

Last but certainly not least, congratulations to our Partner of the Year Award winners: