Orchestration of Network Change Processes
The Orchestration Suite coordinates the systems and processes that provide network connectivity and enforce security policy – not just firewalls and routers, but servers and applications as well. At the technical level, it is a bridge between the organizational security policy and the specific implementation on each device. At the process level, it connects the application teams that require network changes and the network security teams that need to design, assess and implement them.
All Devices and Vendors
Tufin’s Orchestration Suite gives you the ability to centrally manage all of your network-layer, next-generation and IPv6 firewalls as well as other types of network security infrastructure – including routers, switches, load balancers and more. In today’s complex, heterogeneous network environments, it provides a unified view of the configuration of all of your network devices from the leading vendors.
Integration with Complementary Systems
The Tufin Orchestration Suite integrates with a variety of systems including help desk, ticketing and service provisioning through RESTful APIs. With the Orchestration Suite, you can seamlessly integrate network security changes into your IT operations management processes while benefitting from the deep security and network technologies that increase productivity and accuracy.
The API enables the orchestration suite to support a wide variety of scenarios such as:
- Integrating SecureChange with ticketing systems
- Submitting access requests from a self-service portal
- Defining connectivity templates for end user access requests
- Identifying security rules that allow or block access
- Uniformly displaying rules and objects from multiple vendors
- Retrieving policy cleanup and optimizations tasks
- Managing rule documentation and recertification, and integration with other repositories
- Searching for rules, network objects, services and network interfaces
- Adding offline devices and configurations
- Managing SecureApp applications including servers, connections and connectivity status
- Importing SecureApp connections from firewalls and other sources
- Submitting application access requests