Freely subscribe to our NEWSLETTER

Firewall Administration with Automated Server Decommissioning

Until now, the task of server decommissioning has been a manual and tedious process that was prone to errors due to lack of insight into how server removal affected the performance and security of a network. With R17-2, Tufin is the first vendor to add automated server decommissioning to the previously released automation of rule decommissioning, easing the demand on the firewall administrator’s time and ensuring that a high security posture is maintained.

The latest product release enables enterprises to:
• Automatically identify policy rules and objects that need to be changed or removed across all affected firewalls, routers, and cloud platforms
• Understand server usage and the impact of server decommissioning on the overall firewall policies before decommissioning the server
• Implement changes directly to eliminate redundant, unused, or unnecessary access that can lead to a security breach
• Verify that changes were implemented as required by ensuring full documentation and auditability for rule and server decommissioning

Support for VMware NSX Automation

With the release of Tufin Orchestration Suite R17-2, Tufin announced automated policy-based management for VMware NSX with automated provisioning coming in the company’s next product release, R17-3. The latest product release, R17-2, provides end-to-end change automation for Palo Alto Networks Panorama policies with dynamic address group (DAG) objects that reference VMware NSX security groups.

The integration enables users to:
• Track and monitor changes on Palo Alto Networks Panorama policies to establish a greater understanding of policy changes that are integrated with an NSX environment
• Gain audit insight using comprehensive rule visibility for Palo Alto Networks rules and policies integrated with VMware NSX

First NSPM Vendor to Support Cisco Firepower Management Centre

Tufin Orchestration Suite R17-2 is the first network security policy management (NSPM) solution to support Cisco Firepower management console, domains, and firewalls. The joint solution enables users to centrally manage security policies across Cisco Firepower and the hybrid network, providing enhanced visibility and control over Cisco Firepower policies with Tufin’s policy browser and object lookup.

Tufin’s support for Cisco Firepower Management Centre allows joint customers to:
• Centrally manage security policies across Cisco Firepower and the hybrid network
• Gain visibility and control with Tufin’s policy browser and object lookup as well as with change monitoring for Cisco Firepower policies
• Validate the migration from Cisco ASA to Cisco Firepower Threat Defense

Tufin Orchestration Suite R17-2 also features:
• Support for Check Point R80.10
• Support for Microsoft Azure Resource Manager (RM)
o Gain visibility of security and connectivity changes across Microsoft Azure RM virtual networks (VNETs) and network security groups (NSGs) and the rest of the hybrid network
• Enhanced alert capabilities for violations of Tufin’s Unified Security Policy, supporting the enforcement of continuous compliance with internal and industry regulations
• Updated change automation for Palo Alto Networks Next-Generation Firewall policies, including the ability to automate rules with ContextID (security profile groups) and rules with log forwarding profiles

Tufin Orchestration Suite R17-2 will be generally available on September 20, 2017.