Policy visibility and insights into GCP firewall rules

Tufin customers have visibility, control and an agile way to optimize firewall policies across their hybrid-cloud networks, including all three major cloud vendors: Microsoft Azure, AWS and Google Cloud Platform (GCP).

Tufin Orchestration Suite (TOS) enables teams to quickly view policy rules, including metadata, configs and incoming traffic of workloads, in your gcloud VPC firewall rules. Quickly and automatically optimize Virtual Private Cloud (VPC) rules in your cloud networks through a central control plane. Tufin works across your VPC firewalls and the rest of your multi-cloud network.

Tufin offers a clear understanding of all VPC firewall rules via a single-pane-of-glass and reduces the time it takes to identify overly permissive rules across all platforms, including on-premise, SD-WAN, SASE and multi-cloud environments.

Change tracking

Get real-time insights into all VPC firewall changes across your enterprise with timely security alerts.

Tufin provides firewall admins and security teams with the tools they need for rapid change troubleshooting across a variety of use cases, VPC firewall rules, and every major vendor and platform, including monitoring all types of firewall rule traffic, such as TCP, UDP, SSH and SSL.

Optimize Security Policies

The default ingress rules and egress rules of a VPC firewall permit intra-network traffic and allow ICMP, SSH, and RDP access to GCP resources. Need to optimize that to meet your security posture? Tufin makes it easy to align your network security policies with your specific requirements.

  • Manage all your Google Cloud firewall rules and policies in one central location.

  • Identify overly permissive rules, helping you to reduce the attack surface quickly and systematically.

  • Get granular metrics on source IP ranges, destination ranges, TCP ports, private or public IPs, and a variety of other network and security elements.

Compliance Reporting

Tufin provides robust compliance reporting and analytics capabilities that enable organizations to obtain customized compliance reports, track historical policy changes, and gain insights into network security trends, vulnerabilities, and performance.

Consistent Firewall Management

Managing firewall rules across the hybrid cloud is highly complex and challenging to scale, especially if you’re dealing with a multi-vendor environment. Toggling between AWS, Microsoft Azure and GCP dashboards, plus a variety of network interfaces and subnets, is enough to drive any team to distraction. Tufin takes all these parameters into account and ensures broad visibility into an organization’s network security policies, allowing administrators to gain insights into rule usage, traffic flows, and potential security risks.

Ultimately, Tufin helps organizations to maintain control over their entire network security posture.

All of the capabilities above are also available for developer teams to consume via API.


Does Tufin work with VPC Firewall’s web application?

Tufin acts as a single point of control for all your device, router, and network management across your entire ecosystem. Need to view changes to VPC network firewall rules? You can do that from the Tufin Orchestration Suite across all your firewalls, instead of toggling between GCP’s web application and other dashboards.

Can Tufin be installed on a GCP virtual machine?

Yes, you can easily install Tufin on a virtual machine. You’ll need to ensure you have all the compute and IAM authentication permission prerequisites and load balancing configurations in place. Be sure to read the docs for the IP address, DNS, CLI and other installation parameters needed to set up the server.

Take a peek at how to set up and install Tufin on GCP.