Published October 29th, 2023 by Erez Tadmor
In the ever-evolving landscape of the digital age, one thing has become abundantly clear: Users are everywhere. Gone are the days when end-users were tethered to specific physical locations. Today, they traverse the digital realm from a myriad of devices and locations. This era of ubiquity demands a network that is not just flexible but accessible and secure.
Simultaneously, the terms “applications” and “data” are everywhere. These elements have seamlessly integrated into our daily business operations and vernacular and should be accessible to users regardless of their geographical coordinates.
However, the increasing presence of users, applications, and data has led to a staggering surge in network traffic, introducing higher costs and heightened security concerns for organizations. To address these challenges, we have witnessed direct internet access grow rapidly. Direct internet access empowers organizations to provide users with direct connectivity to the internet, which reduces latency and enhances the overall user experience.
A game-changing solution has emerged amidst this dynamic shift: Secure Access Service Edge (SASE). SASE amalgamates network and security capabilities into an online service, offering a comprehensive approach to securely tackling the complexities posed by distributed users and applications. The industry has seen traditional security vendors enter this space, as single vendors that provide both networking and security capabilities and as specialized vendors that focus on specific domains.
Tufin Holds Significance in the SASE Transformation
The core values and capabilities Tufin brings to the table are indispensable in an increasingly hybrid and complex corporate environment. Tufin customers find immense value in the following:
1. Visibility, audit, and compliance
Tufin empowers organizations with unparalleled visibility into their network and security policies, ensuring compliance with stringent regulations and industry standards. With R23-2, Tufin users could quickly identify risky and out-of-compliance rules and resolve them. In addition, network changes are fully documented which makes audit preparation faster.
2. Troubleshooting and understanding network connections
Tufin aids organizations in swiftly troubleshooting network access issues, helping them understand the intricate web of network connections. For example, at times of an application outages, Tufin’s path analysis could help determine what security control blocks the connectivity and expedite the mean time to resolution (MTTR).
3. Change automation and orchestration
Tufin streamlines change management processes in hybrid networks and heterogeneous environments through automation and orchestration, eliminating operational complexities, and reducing costs.
Now, let’s dive deeper into the exciting realm of Tufin’s latest offering: Tufin Orchestration Suite R23-2.
Four New Platforms Make a Debut in Tufin’s Orchestration Suite
Tufin proudly introduces the integration of four brand-new platforms into its suite. These platforms include Prisma Access by Palo Alto Networks, Cisco Viptela SD-WAN, Check Point Quantum Smart 1-Cloud, and VMware NSX-T deployed in AWS. These integrations bring a slew of benefits to Tufin’s customers:
• Reduced attack surface: Tufin empowers organizations to identify risky and out-of-compliance policy rules.
• Avoid cumbersome and slow audit preparation: With streamlined processes and out-of-the-box compliance reports, Tufin ensures organizations face fewer failed audits.
• Reduced MTTR (Mean Time to Resolution): Tufin’s powerful network troubleshooting capabilities lead to swifter issue resolution by leveraging the path analysis tool, as well as the change tracking capability that shows what has changed between two points in time.
• Dramatically reduced SLAs (Service Level Agreement): Tufin’s automated workflows pave the way for dramatic reductions in SLA timelines.
• Seamless cloud adoption and migrations: Organizations can seamlessly embrace cloud technologies such as SASE, without compromising on automation using Tufin’s SecureChange+.
Accelerating Security Audit and Compliance Efforts
Security access rules are crucial for organizations across every industry, but especially those in highly regulated sectors, such as finance and healthcare. Such preservation facilitates audit readiness and serves as evidence of compliance with stringent security regulations and industry standards.
This level of visibility aids network administrators to rapidly address network outages by identifying the changes themselves, when changes were made, and whether those changes caused the outage.
Imagine a scenario where a company falls victim to a data breach that compromises sensitive customer information. During the ensuing investigation, the company’s security team detects unauthorized access from an external IP address. They suspect a misconfigured or unauthorized firewall rule might be at the heart of this breach. How does Tufin come to their rescue?
• Identification: Tufin helps organizations pinpoint the exact time of the unauthorized access and cross-reference it with other security logs.
• Tracing: Tufin helps firewall admins and investigators review rule changes and identify recent alterations to firewall rules that may have led to unauthorized access, including mistakenly allowing access to certain resources or assets.
• Rolling back: Armed with the comprehensive firewall rule history provided by Tufin, the team can identify the exact rule responsible for the breach. They can then roll back that specific rule to its earlier state, effectively blocking the unauthorized access point and preventing further data leakage.
• Analysis: Tufin empowers the team to create a timeline of events leading up to and following the breach. This timeline is crucial to understanding the scope of the incident, how the breach occurred, and what data may have been compromised.
• Retrospective learning: Tufin equips compliance teams to identify gaps in their security practices and optimize their change management processes—a true testament to Tufin’s SecureChange capabilities.
Enhanced Change Automation and Access Troubleshooting for Hybrid-Cloud Networks Protected by Next-Gen Firewalls
Automation is the vehicle that drives the digital transformation in hybrid networks, and Tufin is at the forefront of this movement. In R23-2, Tufin enhances change automation and topology map support for Next-Generation Firewalls (NGFW). Customers can now seamlessly integrate Panorama URL categories into access requests, boosting the automation capabilities of Tufin’s SecureChange.
Furthermore, the Interactive Map feature allows organizations to identify firewall targets along the internet path. Tufin extends this support to Check Point and Stonesoft devices, allowing SecureChange+ users to utilize internet objects as part of an access request ticket of a designated workflow.
Improved User Experience
The last thing I want to highlight in this blog post (but certainly not the least) is that Tufin Orchestration Suite R23-2 comes equipped with an array of enhancements aimed at improving the users experience. These enhancements encompass the following:
• Improved licensing experience: R23-2 streamlines the licensing process, improving the onboarding experience by making it more user-friendly by having just a single licensing file for everything you need!
• Automating multi-vendor tickets: R23-2 simplifies the management of multi-vendor tickets, reducing complexities for users, for example – running a single cleanup project within a single ticket for multiple vendors.
• Streamlined SecureChange ticket management: Tufin optimizes the SecureChange ticket management process and user interface, making it more efficient and intuitive.
As always, there are lots of new features and benefits that are not mentioned here in this blog post, and you are welcome to explore and read more details in the release notes.
As the network landscape evolves to accommodate dispersed users, applications, and data, Tufin Orchestration Suite R23-2 offers a comprehensive solution that combines security, compliance, and automation.
In a world where change is the only constant, Tufin’s network security solutions remain a steadfast requirement for organizations navigating the complexities of the modern network.
Don't miss out on more Tufin blogs
Subscribe to our weekly blog digest