02:35 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly

Tufin Launches SecureApp

Provides a central repository for application connectivity data

Ramat Gan, Israel, September 19, 2012 - Tufin Technologies, the market-leading provider of Security Policy Management solutions, today unveiled a brand new product, SecureApp(tm). SecureApp was developed to address what firewall administrators cite as one of their biggest challenges: managing the network connectivity of enterprise applications. As verified in a survey conducted this month among more than 100 network security professionals, 9 out of 10 organizations say that the most common reason for a firewall change request is application connectivity related. Almost one third said they believed a rule change related to a new application may have caused a breach, and 31% deploy a new application each week. Despite the sophisticated automation offered by existing firewall management solutions, managing application connectivity has remained a manual and error prone process.

"We were already a big fan of Tufin's products, but SecureApp is a game-changer," said Christoph Littwin, Head of Telecommunications, SIX Group. "The majority of our firewall changes are application related. We knew we were spending far too much time on tasks like application deployment and decommissioning, and wanted to manage application-related firewall changes from a business process perspective instead of hunting for connectivity data spread across our entire infrastructure. We found nothing on the market and even considered developing and implementing our own tool. When Tufin showed us SecureApp our requirements were almost identical, and we immediately moved forward. We are delighted with the product and applaud Tufin for its ongoing innovation."

"While Next Generation Firewalls are moving the industry forward by making firewalls application-aware, network security operations must also move forward by evolving firewall management practices to be application-connectivity aware," said Jim Frey, managing research director, Enterprise Management Associates. "That means starting 'top-down' with application-specific policy management, so business-facing activities such as adding or de-commissioning applications can be linked directly to security infrastructure changes. Tufin has taken precisely this approach with SecureApp, which puts an application connectivity-centered front end on their established firewall management solution. The new combination offers a sure opportunity to improve communication with application owners while also increasing efficiency, accuracy, integrity, and policy compliance."

Introducing Tufin SecureApp

An integral part of the Tufin Security Suite, Tufin SecureApp is the first product of its kind. It provides a central repository for application connectivity data and presents it in a way that network administrators and application owners can easily and strategically leverage to deploy, modify, de-commission, monitor up-time and troubleshoot application connectivity issues.

SecureApp enables application teams and network teams to finally communicate accurately, eliminating the misunderstandings that lead to errors, wasted time, and unnecessary security and compliance exposure. It improves IT processes by abstracting application connectivity data from the network security policy, putting it in the context of the organization's business requirements, rather than forcing administrators to manually extract it from the rule base where it is dispersed across numerous firewalls, routers and potentially thousands of rules.

Tufin executives provide a deeper dive on the business case for SecureApp at http://bit.ly/QjHwXf.

The major components of SecureApp include:

• Visual Application Connectivity Editor: An intuitive interface for defining and documenting an application's network connectivity requirements at the level of network source, service and destination. No understanding of the network firewalls or routing is required.

• Application Deployment: Create SecureChange tickets with a change request for implementing the required application-related change requests on the network security infrastructure.

• Application Decommissioning: Automatically identify the policy rules that need to be changed or removed across all affected firewalls and routers, eliminating unneeded access that can lead to a breach or a compliance violation.

• Connectivity Status Monitoring: View the status of every application connectivity requirement based on real-time analysis of security policies, coupled with network topology path analysis.

• Central Application and Server Repository: A central library of all enterprise applications with drill-down capability into individual users, servers and connectivity needs.

• Application Lifecycle Management: Manage all of your applications' network requirements from initial deployment through maintenance and decommissioning.

• Application Audit Trail: Maintain a history of all changes to application connectivity including tickets and firewall rules/ACLs.

For a full list of features, please visit http://bit.ly/QjHONN.

"Tufin SecureApp delivers firewall management functionality that maps to how firewalls are actually being used today, as opposed to 20 years ago when they were being used strictly for perimeter protection," said Mark Jones, CEO, SOS Security. "It's amazing how such a simple premise – automating firewall management based on business requirements, as opposed to framing business requirements around the limitations of existing

technology, can eliminate so much complexity and radically simplify firewall operations. Tufin already drives a significant amount of business for us, and we anticipate SecureApp will be a lucrative and popular addition to our firewall operations management portfolio."

"When we asked our customers where they were spending the most time and energy, the answer was almost always applications," said Ruvi Kitov, CEO, Tufin Technologies. "Since application owners don't speak 'firewall', there were often miscommunications between the application teams and the network teams, resulting in a wide range of compliance, business continuity, and other process problems. We decided that a new, application-oriented paradigm would solve those problems, and if the feedback we have received is any indicator, we are confident SecureApp will revolutionize firewall policy management."

Pricing and availability

SecureApp is available immediately. Pricing is contingent on SecureTrack and SecureChange licensing, with base list price starting at $45K for up to 10 managed applications.

About Tufin Technologies

Tufin&trade is the leading provider of Security Policy Management solutions that enable organizations to take control their firewalls. More than 1000 companies have deployed the award-winning Tufin Security Suite to proactively manage risk, continuously comply with standards, and keep business-critical applications online. The Tufin Security Suite (TSS) consists of three products: SecureTrack, SecureChange, and Tufin's most recent innovation, SecureApp. TSS enables IT to automate and centrally manage security policies across a wide set of network infrastructure, including traditional and next-generation firewalls, routers, switches and load balancers. With a unique, application-oriented approach, Tufin simplifies and streamlines firewall operations, slashing the time spent on policy management by up to 75%. Founded in 2005, Tufin serves customers in every industry including finance, telecommunications, transportation and energy, and partners with Check Point, Cisco, Juniper Networks, Fortinet, F5, Palo Alto Networks, McAfee and BMC to provide the most comprehensive solutions available.

For more information visit www.tufin.com, or follow Tufin on:

• Twitter: http://twitter.com/TufinTech

• Facebook: http://www.facebook.com/Tufintech

• Google+: https://plus.google.com/s/tufin

• LinkedIn: http://www.linkedin.com/companies/tufin-technologies

• YouTube: http://www.youtube.com/user/Tufintech

• The Tufin Blog: http://www.tufin.com/blog

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
Published: 2014-07-09
Heap-based buffer overflow in the xjpegls.dll (aka JLS, JPEG-LS, or JPEG lossless) format plugin in XnView 1.99 and 1.99.1 allows remote attackers to execute arbitrary code via a crafted JLS image file.

Published: 2014-07-09
The cdf_read_short_sector function in cdf.c in file before 5.19, as used in the Fileinfo component in PHP before 5.4.30 and 5.5.x before 5.5.14, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted CDF file.

Published: 2014-07-09
Adobe Flash Player before and 14.x before on Windows and OS X and before on Linux, Adobe AIR before on Android, Adobe AIR SDK before, and Adobe AIR SDK & Compiler before allow attackers to bypass intended access restrictions via uns...

Published: 2014-07-09
Adobe Flash Player before and 14.x before on Windows and OS X and before on Linux, Adobe AIR before on Android, Adobe AIR SDK before, and Adobe AIR SDK & Compiler before allow attackers to bypass intended access restrictions via uns...

Published: 2014-07-09
The NTP implementation in Cisco IOS and IOS XE does not properly support use of the access-group command for a "deny all" configuration, which allows remote attackers to bypass intended restrictions on time synchronization via a standard query, aka Bug ID CSCuj66318.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.