Tufin customers have visibility, control, and an agile way to optimize network firewall policies across their hybrid-cloud networks, including all three major cloud vendors: Microsoft Azure, AWS, and Google Cloud Platform (GCP).
GCP customers can now benefit from centralized security policy orchestration, audit tracking, and automation—delivered through Tufin’s security policy orchestration platform. You can now bring GCP firewalls into the same real-time topology and compliance workflows already used for your on-premises and cloud environments.
View GCP devices and network traffic paths directly in Tufin’s live topology map, including monitoring of all types of firewall rule traffic, source IPs and ports, such as TCP, UDP, SSH, SSL, etc. The map supports the most common GCP deployment options:
• Shared VPCs
• VPC Peering
• Cloud VPN
• Dedicated Interconnect
• VPC Firewall Matching Rules
• Network Tags enabling troubleshooting for specific workloads.
Automate GCP rule changes with built-in risk analysis and compliance validation. Tufin automation includes:
• Verifying whether a change request is permitted by the VPC firewall and other relevant device permissions.
• Identifying the appropriate GCP VPC firewalls and associated devices involved.
• Performing automatic risk assessment as part of the change process.
Monitor GCP Projects and VPCs directly in Tufin Orchestration Suite (TOS), and visualize GCP VPC firewall rules, including IP addresses and IP ranges, network tags, and service accounts, with intuitive mapping for deeper inspection.
Gain full audit trails, including metadata for authentication purposes, and track changes across all GCP devices.
Identify risky or non-compliant rules across GCP devices and generate security best practice templates, including compliance checks for PCI and ISO 27001 standards.
Connect GCP devices into ServiceNow and other ITSM solutions for streamlined approvals.
The default ingress rules and egress rules of a VPC firewall permit intra-network traffic and allow ICMP, SSH, and RDP access to GCP resources.
Need to optimize that to meet your security posture?
Tufin makes it easy to align your network security policies with your specific requirements. With broader network coverage and GCP support, you can support the following use cases:
Automatically validate security posture with USP-based controls, reducing audit prep time and compliance violations.
Visualize hybrid network topologies—including GCP topologies—and automate change processes to reduce Mean Time to Resolution (MTTR) and avoid costly misconfigurations.
Automate policy changes across multi-vendor environments, cutting manual effort and ensuring consistent, risk-free implementations.
Gain end-to-end visibility and enforcement across diverse environments, reducing exposure from misaligned policies and firewall inconsistencies.
Tufin acts as a single point of control for all your device, router, and network management across your entire ecosystem. Need to view changes to VPC network firewall rules? You can do that from the Tufin Orchestration Suite across all your firewalls, instead of toggling between GCP’s web application and other dashboards.
Yes, you can easily install Tufin on a virtual machine. You’ll need to ensure you have all the compute and IAM authentication permission prerequisites and load balancing configurations. Read the docs for the IP address, DNS, CLI and other installation parameters needed to set up the server.