Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

9/19/2012
02:35 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Tufin Launches SecureApp

Provides a central repository for application connectivity data

Ramat Gan, Israel, September 19, 2012 - Tufin Technologies, the market-leading provider of Security Policy Management solutions, today unveiled a brand new product, SecureApp(tm). SecureApp was developed to address what firewall administrators cite as one of their biggest challenges: managing the network connectivity of enterprise applications. As verified in a survey conducted this month among more than 100 network security professionals, 9 out of 10 organizations say that the most common reason for a firewall change request is application connectivity related. Almost one third said they believed a rule change related to a new application may have caused a breach, and 31% deploy a new application each week. Despite the sophisticated automation offered by existing firewall management solutions, managing application connectivity has remained a manual and error prone process.

"We were already a big fan of Tufin's products, but SecureApp is a game-changer," said Christoph Littwin, Head of Telecommunications, SIX Group. "The majority of our firewall changes are application related. We knew we were spending far too much time on tasks like application deployment and decommissioning, and wanted to manage application-related firewall changes from a business process perspective instead of hunting for connectivity data spread across our entire infrastructure. We found nothing on the market and even considered developing and implementing our own tool. When Tufin showed us SecureApp our requirements were almost identical, and we immediately moved forward. We are delighted with the product and applaud Tufin for its ongoing innovation."

"While Next Generation Firewalls are moving the industry forward by making firewalls application-aware, network security operations must also move forward by evolving firewall management practices to be application-connectivity aware," said Jim Frey, managing research director, Enterprise Management Associates. "That means starting 'top-down' with application-specific policy management, so business-facing activities such as adding or de-commissioning applications can be linked directly to security infrastructure changes. Tufin has taken precisely this approach with SecureApp, which puts an application connectivity-centered front end on their established firewall management solution. The new combination offers a sure opportunity to improve communication with application owners while also increasing efficiency, accuracy, integrity, and policy compliance."

Introducing Tufin SecureApp

An integral part of the Tufin Security Suite, Tufin SecureApp is the first product of its kind. It provides a central repository for application connectivity data and presents it in a way that network administrators and application owners can easily and strategically leverage to deploy, modify, de-commission, monitor up-time and troubleshoot application connectivity issues.

SecureApp enables application teams and network teams to finally communicate accurately, eliminating the misunderstandings that lead to errors, wasted time, and unnecessary security and compliance exposure. It improves IT processes by abstracting application connectivity data from the network security policy, putting it in the context of the organization's business requirements, rather than forcing administrators to manually extract it from the rule base where it is dispersed across numerous firewalls, routers and potentially thousands of rules.

Tufin executives provide a deeper dive on the business case for SecureApp at http://bit.ly/QjHwXf.

The major components of SecureApp include:

• Visual Application Connectivity Editor: An intuitive interface for defining and documenting an application's network connectivity requirements at the level of network source, service and destination. No understanding of the network firewalls or routing is required.

• Application Deployment: Create SecureChange tickets with a change request for implementing the required application-related change requests on the network security infrastructure.

• Application Decommissioning: Automatically identify the policy rules that need to be changed or removed across all affected firewalls and routers, eliminating unneeded access that can lead to a breach or a compliance violation.

• Connectivity Status Monitoring: View the status of every application connectivity requirement based on real-time analysis of security policies, coupled with network topology path analysis.

• Central Application and Server Repository: A central library of all enterprise applications with drill-down capability into individual users, servers and connectivity needs.

• Application Lifecycle Management: Manage all of your applications' network requirements from initial deployment through maintenance and decommissioning.

• Application Audit Trail: Maintain a history of all changes to application connectivity including tickets and firewall rules/ACLs.

For a full list of features, please visit http://bit.ly/QjHONN.

"Tufin SecureApp delivers firewall management functionality that maps to how firewalls are actually being used today, as opposed to 20 years ago when they were being used strictly for perimeter protection," said Mark Jones, CEO, SOS Security. "It's amazing how such a simple premise – automating firewall management based on business requirements, as opposed to framing business requirements around the limitations of existing

technology, can eliminate so much complexity and radically simplify firewall operations. Tufin already drives a significant amount of business for us, and we anticipate SecureApp will be a lucrative and popular addition to our firewall operations management portfolio."

"When we asked our customers where they were spending the most time and energy, the answer was almost always applications," said Ruvi Kitov, CEO, Tufin Technologies. "Since application owners don't speak 'firewall', there were often miscommunications between the application teams and the network teams, resulting in a wide range of compliance, business continuity, and other process problems. We decided that a new, application-oriented paradigm would solve those problems, and if the feedback we have received is any indicator, we are confident SecureApp will revolutionize firewall policy management."

Pricing and availability

SecureApp is available immediately. Pricing is contingent on SecureTrack and SecureChange licensing, with base list price starting at $45K for up to 10 managed applications.

About Tufin Technologies

Tufin&trade is the leading provider of Security Policy Management solutions that enable organizations to take control their firewalls. More than 1000 companies have deployed the award-winning Tufin Security Suite to proactively manage risk, continuously comply with standards, and keep business-critical applications online. The Tufin Security Suite (TSS) consists of three products: SecureTrack, SecureChange, and Tufin's most recent innovation, SecureApp. TSS enables IT to automate and centrally manage security policies across a wide set of network infrastructure, including traditional and next-generation firewalls, routers, switches and load balancers. With a unique, application-oriented approach, Tufin simplifies and streamlines firewall operations, slashing the time spent on policy management by up to 75%. Founded in 2005, Tufin serves customers in every industry including finance, telecommunications, transportation and energy, and partners with Check Point, Cisco, Juniper Networks, Fortinet, F5, Palo Alto Networks, McAfee and BMC to provide the most comprehensive solutions available.

For more information visit www.tufin.com, or follow Tufin on:

• Twitter: http://twitter.com/TufinTech

• Facebook: http://www.facebook.com/Tufintech

• Google+: https://plus.google.com/s/tufin

• LinkedIn: http://www.linkedin.com/companies/tufin-technologies

• YouTube: http://www.youtube.com/user/Tufintech

• The Tufin Blog: http://www.tufin.com/blog

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
How Attackers Could Use Azure Apps to Sneak into Microsoft 365
Kelly Sheridan, Staff Editor, Dark Reading,  3/24/2020
Malicious USB Drive Hides Behind Gift Card Lure
Dark Reading Staff 3/27/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
6 Emerging Cyber Threats That Enterprises Face in 2020
This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
Flash Poll
State of Cybersecurity Incident Response
State of Cybersecurity Incident Response
Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-10940
PUBLISHED: 2020-03-27
Local Privilege Escalation can occur in PHOENIX CONTACT PORTICO SERVER through 3.0.7 when installed to run as a service.
CVE-2020-10939
PUBLISHED: 2020-03-27
Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation.
CVE-2020-6095
PUBLISHED: 2020-03-27
An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability.
CVE-2020-10817
PUBLISHED: 2020-03-27
The custom-searchable-data-entry-system (aka Custom Searchable Data Entry System) plugin through 1.7.1 for WordPress allows SQL Injection. NOTE: this product is discontinued.
CVE-2020-10952
PUBLISHED: 2020-03-27
GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images.