Risk
9/19/2012
02:35 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%
Repost This

Tufin Launches SecureApp

Provides a central repository for application connectivity data

Ramat Gan, Israel, September 19, 2012 - Tufin Technologies, the market-leading provider of Security Policy Management solutions, today unveiled a brand new product, SecureApp(tm). SecureApp was developed to address what firewall administrators cite as one of their biggest challenges: managing the network connectivity of enterprise applications. As verified in a survey conducted this month among more than 100 network security professionals, 9 out of 10 organizations say that the most common reason for a firewall change request is application connectivity related. Almost one third said they believed a rule change related to a new application may have caused a breach, and 31% deploy a new application each week. Despite the sophisticated automation offered by existing firewall management solutions, managing application connectivity has remained a manual and error prone process.

"We were already a big fan of Tufin's products, but SecureApp is a game-changer," said Christoph Littwin, Head of Telecommunications, SIX Group. "The majority of our firewall changes are application related. We knew we were spending far too much time on tasks like application deployment and decommissioning, and wanted to manage application-related firewall changes from a business process perspective instead of hunting for connectivity data spread across our entire infrastructure. We found nothing on the market and even considered developing and implementing our own tool. When Tufin showed us SecureApp our requirements were almost identical, and we immediately moved forward. We are delighted with the product and applaud Tufin for its ongoing innovation."

"While Next Generation Firewalls are moving the industry forward by making firewalls application-aware, network security operations must also move forward by evolving firewall management practices to be application-connectivity aware," said Jim Frey, managing research director, Enterprise Management Associates. "That means starting 'top-down' with application-specific policy management, so business-facing activities such as adding or de-commissioning applications can be linked directly to security infrastructure changes. Tufin has taken precisely this approach with SecureApp, which puts an application connectivity-centered front end on their established firewall management solution. The new combination offers a sure opportunity to improve communication with application owners while also increasing efficiency, accuracy, integrity, and policy compliance."

Introducing Tufin SecureApp

An integral part of the Tufin Security Suite, Tufin SecureApp is the first product of its kind. It provides a central repository for application connectivity data and presents it in a way that network administrators and application owners can easily and strategically leverage to deploy, modify, de-commission, monitor up-time and troubleshoot application connectivity issues.

SecureApp enables application teams and network teams to finally communicate accurately, eliminating the misunderstandings that lead to errors, wasted time, and unnecessary security and compliance exposure. It improves IT processes by abstracting application connectivity data from the network security policy, putting it in the context of the organization's business requirements, rather than forcing administrators to manually extract it from the rule base where it is dispersed across numerous firewalls, routers and potentially thousands of rules.

Tufin executives provide a deeper dive on the business case for SecureApp at http://bit.ly/QjHwXf.

The major components of SecureApp include:

• Visual Application Connectivity Editor: An intuitive interface for defining and documenting an application's network connectivity requirements at the level of network source, service and destination. No understanding of the network firewalls or routing is required.

• Application Deployment: Create SecureChange tickets with a change request for implementing the required application-related change requests on the network security infrastructure.

• Application Decommissioning: Automatically identify the policy rules that need to be changed or removed across all affected firewalls and routers, eliminating unneeded access that can lead to a breach or a compliance violation.

• Connectivity Status Monitoring: View the status of every application connectivity requirement based on real-time analysis of security policies, coupled with network topology path analysis.

• Central Application and Server Repository: A central library of all enterprise applications with drill-down capability into individual users, servers and connectivity needs.

• Application Lifecycle Management: Manage all of your applications' network requirements from initial deployment through maintenance and decommissioning.

• Application Audit Trail: Maintain a history of all changes to application connectivity including tickets and firewall rules/ACLs.

For a full list of features, please visit http://bit.ly/QjHONN.

"Tufin SecureApp delivers firewall management functionality that maps to how firewalls are actually being used today, as opposed to 20 years ago when they were being used strictly for perimeter protection," said Mark Jones, CEO, SOS Security. "It's amazing how such a simple premise – automating firewall management based on business requirements, as opposed to framing business requirements around the limitations of existing

technology, can eliminate so much complexity and radically simplify firewall operations. Tufin already drives a significant amount of business for us, and we anticipate SecureApp will be a lucrative and popular addition to our firewall operations management portfolio."

"When we asked our customers where they were spending the most time and energy, the answer was almost always applications," said Ruvi Kitov, CEO, Tufin Technologies. "Since application owners don't speak 'firewall', there were often miscommunications between the application teams and the network teams, resulting in a wide range of compliance, business continuity, and other process problems. We decided that a new, application-oriented paradigm would solve those problems, and if the feedback we have received is any indicator, we are confident SecureApp will revolutionize firewall policy management."

Pricing and availability

SecureApp is available immediately. Pricing is contingent on SecureTrack and SecureChange licensing, with base list price starting at $45K for up to 10 managed applications.

About Tufin Technologies

Tufin&trade is the leading provider of Security Policy Management solutions that enable organizations to take control their firewalls. More than 1000 companies have deployed the award-winning Tufin Security Suite to proactively manage risk, continuously comply with standards, and keep business-critical applications online. The Tufin Security Suite (TSS) consists of three products: SecureTrack, SecureChange, and Tufin's most recent innovation, SecureApp. TSS enables IT to automate and centrally manage security policies across a wide set of network infrastructure, including traditional and next-generation firewalls, routers, switches and load balancers. With a unique, application-oriented approach, Tufin simplifies and streamlines firewall operations, slashing the time spent on policy management by up to 75%. Founded in 2005, Tufin serves customers in every industry including finance, telecommunications, transportation and energy, and partners with Check Point, Cisco, Juniper Networks, Fortinet, F5, Palo Alto Networks, McAfee and BMC to provide the most comprehensive solutions available.

For more information visit www.tufin.com, or follow Tufin on:

• Twitter: http://twitter.com/TufinTech

• Facebook: http://www.facebook.com/Tufintech

• Google+: https://plus.google.com/s/tufin

• LinkedIn: http://www.linkedin.com/companies/tufin-technologies

• YouTube: http://www.youtube.com/user/Tufintech

• The Tufin Blog: http://www.tufin.com/blog

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-0360
Published: 2014-04-23
Memory leak in Cisco IOS before 15.1(1)SY, when IKEv2 debugging is enabled, allows remote attackers to cause a denial of service (memory consumption) via crafted packets, aka Bug ID CSCtn22376.

CVE-2012-1317
Published: 2014-04-23
The multicast implementation in Cisco IOS before 15.1(1)SY allows remote attackers to cause a denial of service (Route Processor crash) by sending packets at a high rate, aka Bug ID CSCts37717.

CVE-2012-1366
Published: 2014-04-23
Cisco IOS before 15.1(1)SY on ASR 1000 devices, when Multicast Listener Discovery (MLD) tracking is enabled for IPv6, allows remote attackers to cause a denial of service (device reload) via crafted MLD packets, aka Bug ID CSCtz28544.

CVE-2012-3062
Published: 2014-04-23
Cisco IOS before 15.1(1)SY, when Multicast Listener Discovery (MLD) snooping is enabled, allows remote attackers to cause a denial of service (CPU consumption or device crash) via MLD packets on a network that contains many IPv6 hosts, aka Bug ID CSCtr88193.

CVE-2012-3918
Published: 2014-04-23
Cisco IOS before 15.3(1)T on Cisco 2900 devices, when a VWIC2-2MFT-T1/E1 card is configured for TDM/HDLC mode, allows remote attackers to cause a denial of service (serial-interface outage) via certain Frame Relay traffic, aka Bug ID CSCub13317.

Best of the Web