Integration with Palo Alto Networks Next-Generation Security Platform ensures policy compliance through smart automation

BOSTON – May 18, 2017 – Tufin®, the market-leading provider of Network Security Policy Orchestration solutions, enhanced its award-winning Tufin Orchestration Suite™ by providing support for LDAP user groups for the enforcement of access restrictions and privileges using Palo Alto Networks® Next-Generation Security Platform.  With this integration, joint customers can define and enforce micro-segmentation across hybrid cloud environments using security groups.

“There’s an obvious need for organizations to manage who is accessing what data and why— but the concern is that to deliver such a high level of security often hinders an organization’s productivity,” said Ofer Or, Vice President of Products, Tufin. “The Tufin Orchestration Suite provides business agility and security by strengthening the overall security posture of an organization through a streamlined process of granting and prohibiting network connectivity.”

With Tufin Orchestration Suite plus Palo Alto Networks Next-Generation Security Platform, joint customers can further automate network security policy management by specifying User-ID and App-ID through the use of LDAP user-groups, providing greater data protection than the use of IP addresses and port numbers alone. With this new feature, organizations can now ensure secure user mobility. R17-1 also adds proactive, automated risk analysis; automatic target selection and change design; and automatic changes provisioning and verification when using LDAP user groups with Palo Alto Networks Next-Generation Firewalls. Additional benefits for joint customers include:

  • Faster implementation of security changes within Tufin Orchestration Suite for Palo Alto Networks Next Generation Firewall policies;
  • Improved accuracy and security, and reduced errors with zero-touch automation for Palo Alto Networks Panorama network security management device group policy changes;
  • Continuous compliance with security standards through automatic risk analysis for NGFW policies; and
  • Palo Alto Networks Next-Generation Firewall policy changes employed across heterogenous networks and cloud environments.

Tufin Orchestration Suite R17-1 introduces the ability to define security zones throughout heterogeneous networks based on cloud security groups. With this new capability, Tufin and Palo Alto Networks joint customers can now define and enforce micro-segmentation across all network environments, including physical networks and private and public hybrid cloud platforms.  Security teams thus can realize continuous compliance by identifying violations in real time, even in complex environments such as the cloud. As a result, organizations can improve overall security without diminishing productivity by granting access to DevOps teams to ensure security and compliance throughout their normal development processes.

Tufin Orchestration Suite R17-1 also includes added support for:

  • Support for Amazon Web Services (AWS) Direct Connect to gain visibility into AWS Cloud as part of the full enterprise network and enable accurate automation for AWS Security Groups;
  • New revision status console to facilitate and simplify troubleshooting for revision fetch mechanism;
  • IPv6 support in design and provisioning for Cisco ASA;
  • Automated provisioning for rule decommissioning; and
  • Rule and object usage reports for Panorama and FortiManager.

The product release is now generally available.