Today’s network security teams are managing more frequent changes across a wider range of environments than ever before.The pace, scope, and surface area of modern networks have fundamentally shifted, driven by cloud adoption, distributed applications, and new access models that extend far beyond the data center.
What was once managed within a single environment is now spread across many vendors, platforms, and environments, each with its own ways of working and operational constraints. As a result, even routine changes require more coordination, more validation, and more manual effort to ensure nothing breaks or drifts out of compliance.
This growing gap between how networks are built and how they are managed is the challenge the Tufin Orchestration Suite (TOS) R25-2 release addresses.
Tufin continues to evolve our unified control plane, providing a consistent way to manage policy, change, and compliance across hybrid, multi-cloud, and SASE environments. Tufin R25-2 Hot Fix 1 introduces significant enhancements across visibility, automation, risk reduction, and hybrid-network support.
Bringing Control to Fragmented Network Environments
Security and network teams are under constant pressure to support more change with fewer resources and less tolerance for risk. At the same time, the environments they manage continue to fragment across vendors, platforms, and operating models.
Each layer of the network brings its own interfaces, abstractions, and policy logic. When these layers are managed independently, teams lose the ability to understand how access is enforced end to end. Manual work increases, policy drift becomes harder to detect, and small changes can have unintended consequences.
Fragmented network environments increase visibility complexity, slows change, raises operational and security risk, and make compliance harder to maintain at scale.
End-to-End Visibility for Amazon Web Services (AWS) Connectivity
Accurate topology is essential for understanding how traffic flows between on-premises and AWS environments. R25-2 Hot Fix 1 adds automated topology modeling for AWS Direct Connect links attached to Transit Gateways.
This enhancement provides highly accurate visibility from on-premises infrastructure into AWS with fewer manual topology updates. With a better visibility representation of hybrid connectivity, teams can rely on path analysis when validating access requests and troubleshooting connectivity issues.
Improved topology accuracy also supports faster and more precise change automation for network and security connectivity requests in hybrid AWS environments.
Simplified Azure Device Management
As Azure environments grow, keeping subscriptions and network topology up to date becomes increasingly more difficult. R25-2 Hot Fix 1 streamlines Azure onboarding by allowing customers to connect their environments at the Azure Groups or organization level.
New subscriptions and virtual networks are automatically imported and kept current, reducing manual onboarding effort and ongoing credential maintenance. This ensures topology remains accurate as environments evolve, improving the reliability of path analysis, troubleshooting, and automated change workflows.
For organizations with large Azure footprints, this delivers faster time to value and greater confidence in policy decisions based on continuously updated data.
More Accurate Risk and Compliance Analysis
Security teams rely on compliance checks and risk scoring to guide access changes and prepare for audits. In R25-2 Hot Fix 1, Unified Security Policy (USP) analysis now includes the URL category as part of violation detection and risk assessment.
By factoring URL categories directly into compliance calculations, Tufin delivers more accurate risk scoring and significantly reduces false positives. This helps teams spend less time investigating misleading alerts and more time addressing real policy and compliance issues.
The result is stronger audit readiness, improved posture assessment, and more reliable, risk-aware change automation. Firewall rules that include URL-based controls are now evaluated with the context needed to reflect how access is actually enforced.
Faster Insights Through TufinAI for Device Search
Even when policy data exists, extracting useful answers can be slow and tedious. Teams often depend on complex queries or specialized product expertise to answer basic questions about access and exposure.
R25-2 Hot Fix 1 introduces a new TufinAI Assistant with natural-language capabilities for Device Search. Users can now instantly locate devices using everyday language. For example “Show me all Palo Alto firewalls in New York” and view immediate results, reducing time spent conducting complex searches. TufinAI for Device Search provides:
- Faster device discovery and troubleshooting
- Reduced time spent manually filtering and searching inventories
- Improved productivity for security and network teams
Taking Control with the Tufin Unified Control Plane
Tufin helps security and network teams simplify network complexity through a unified control plane.
With R25-2 Hot Fix 1, we continue to improve the accuracy and reliability of the data teams rely on to make faster, more confident security decisions. Enhancements to device visibility, risk and compliance analysis, and hybrid topology ensure security policies remain aligned and consistently enforced.
Together, these improvements help teams manage policy consistently, maintain continuous compliance, and execute changes with confidence across cloud and hybrid environments, all from a single platform.
Ready for R25-2 Hot Fix 1?
Connect with your Tufin team or request a demo to explore what’s new in R25-2 and see how the latest updates help simplify network complexity, reduce risk, and accelerate change.
Ready to Learn More
Get a Demo
