Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

9/19/2012
02:35 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Tufin Launches SecureApp

Provides a central repository for application connectivity data

Ramat Gan, Israel, September 19, 2012 - Tufin Technologies, the market-leading provider of Security Policy Management solutions, today unveiled a brand new product, SecureApp(tm). SecureApp was developed to address what firewall administrators cite as one of their biggest challenges: managing the network connectivity of enterprise applications. As verified in a survey conducted this month among more than 100 network security professionals, 9 out of 10 organizations say that the most common reason for a firewall change request is application connectivity related. Almost one third said they believed a rule change related to a new application may have caused a breach, and 31% deploy a new application each week. Despite the sophisticated automation offered by existing firewall management solutions, managing application connectivity has remained a manual and error prone process.

"We were already a big fan of Tufin's products, but SecureApp is a game-changer," said Christoph Littwin, Head of Telecommunications, SIX Group. "The majority of our firewall changes are application related. We knew we were spending far too much time on tasks like application deployment and decommissioning, and wanted to manage application-related firewall changes from a business process perspective instead of hunting for connectivity data spread across our entire infrastructure. We found nothing on the market and even considered developing and implementing our own tool. When Tufin showed us SecureApp our requirements were almost identical, and we immediately moved forward. We are delighted with the product and applaud Tufin for its ongoing innovation."

"While Next Generation Firewalls are moving the industry forward by making firewalls application-aware, network security operations must also move forward by evolving firewall management practices to be application-connectivity aware," said Jim Frey, managing research director, Enterprise Management Associates. "That means starting 'top-down' with application-specific policy management, so business-facing activities such as adding or de-commissioning applications can be linked directly to security infrastructure changes. Tufin has taken precisely this approach with SecureApp, which puts an application connectivity-centered front end on their established firewall management solution. The new combination offers a sure opportunity to improve communication with application owners while also increasing efficiency, accuracy, integrity, and policy compliance."

Introducing Tufin SecureApp

An integral part of the Tufin Security Suite, Tufin SecureApp is the first product of its kind. It provides a central repository for application connectivity data and presents it in a way that network administrators and application owners can easily and strategically leverage to deploy, modify, de-commission, monitor up-time and troubleshoot application connectivity issues.

SecureApp enables application teams and network teams to finally communicate accurately, eliminating the misunderstandings that lead to errors, wasted time, and unnecessary security and compliance exposure. It improves IT processes by abstracting application connectivity data from the network security policy, putting it in the context of the organization's business requirements, rather than forcing administrators to manually extract it from the rule base where it is dispersed across numerous firewalls, routers and potentially thousands of rules.

Tufin executives provide a deeper dive on the business case for SecureApp at http://bit.ly/QjHwXf.

The major components of SecureApp include:

• Visual Application Connectivity Editor: An intuitive interface for defining and documenting an application's network connectivity requirements at the level of network source, service and destination. No understanding of the network firewalls or routing is required.

• Application Deployment: Create SecureChange tickets with a change request for implementing the required application-related change requests on the network security infrastructure.

• Application Decommissioning: Automatically identify the policy rules that need to be changed or removed across all affected firewalls and routers, eliminating unneeded access that can lead to a breach or a compliance violation.

• Connectivity Status Monitoring: View the status of every application connectivity requirement based on real-time analysis of security policies, coupled with network topology path analysis.

• Central Application and Server Repository: A central library of all enterprise applications with drill-down capability into individual users, servers and connectivity needs.

• Application Lifecycle Management: Manage all of your applications' network requirements from initial deployment through maintenance and decommissioning.

• Application Audit Trail: Maintain a history of all changes to application connectivity including tickets and firewall rules/ACLs.

For a full list of features, please visit http://bit.ly/QjHONN.

"Tufin SecureApp delivers firewall management functionality that maps to how firewalls are actually being used today, as opposed to 20 years ago when they were being used strictly for perimeter protection," said Mark Jones, CEO, SOS Security. "It's amazing how such a simple premise – automating firewall management based on business requirements, as opposed to framing business requirements around the limitations of existing

technology, can eliminate so much complexity and radically simplify firewall operations. Tufin already drives a significant amount of business for us, and we anticipate SecureApp will be a lucrative and popular addition to our firewall operations management portfolio."

"When we asked our customers where they were spending the most time and energy, the answer was almost always applications," said Ruvi Kitov, CEO, Tufin Technologies. "Since application owners don't speak 'firewall', there were often miscommunications between the application teams and the network teams, resulting in a wide range of compliance, business continuity, and other process problems. We decided that a new, application-oriented paradigm would solve those problems, and if the feedback we have received is any indicator, we are confident SecureApp will revolutionize firewall policy management."

Pricing and availability

SecureApp is available immediately. Pricing is contingent on SecureTrack and SecureChange licensing, with base list price starting at $45K for up to 10 managed applications.

About Tufin Technologies

Tufin&trade is the leading provider of Security Policy Management solutions that enable organizations to take control their firewalls. More than 1000 companies have deployed the award-winning Tufin Security Suite to proactively manage risk, continuously comply with standards, and keep business-critical applications online. The Tufin Security Suite (TSS) consists of three products: SecureTrack, SecureChange, and Tufin's most recent innovation, SecureApp. TSS enables IT to automate and centrally manage security policies across a wide set of network infrastructure, including traditional and next-generation firewalls, routers, switches and load balancers. With a unique, application-oriented approach, Tufin simplifies and streamlines firewall operations, slashing the time spent on policy management by up to 75%. Founded in 2005, Tufin serves customers in every industry including finance, telecommunications, transportation and energy, and partners with Check Point, Cisco, Juniper Networks, Fortinet, F5, Palo Alto Networks, McAfee and BMC to provide the most comprehensive solutions available.

For more information visit www.tufin.com, or follow Tufin on:

• Twitter: http://twitter.com/TufinTech

• Facebook: http://www.facebook.com/Tufintech

• Google+: https://plus.google.com/s/tufin

• LinkedIn: http://www.linkedin.com/companies/tufin-technologies

• YouTube: http://www.youtube.com/user/Tufintech

• The Tufin Blog: http://www.tufin.com/blog

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
DevSecOps: The Answer to the Cloud Security Skills Gap
Lamont Orange, Chief Information Security Officer at Netskope,  11/15/2019
Attackers' Costs Increasing as Businesses Focus on Security
Robert Lemos, Contributing Writer,  11/15/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: -when I told you that our cyber-defense was from another age
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2011-3350
PUBLISHED: 2019-11-19
masqmail 0.2.21 through 0.2.30 improperly calls seteuid() in src/log.c and src/masqmail.c that results in improper privilege dropping.
CVE-2011-3352
PUBLISHED: 2019-11-19
Zikula 1.3.0 build #3168 and probably prior has XSS flaw due to improper sanitization of the 'themename' parameter by setting default, modifying and deleting themes. A remote attacker with Zikula administrator privilege could use this flaw to execute arbitrary HTML or web script code in the context ...
CVE-2011-3349
PUBLISHED: 2019-11-19
lightdm before 0.9.6 writes in .dmrc and Xauthority files using root permissions while the files are in user controlled folders. A local user can overwrite root-owned files via a symlink, which can allow possible privilege escalation.
CVE-2019-10080
PUBLISHED: 2019-11-19
The XMLFileLookupService in NiFi versions 1.3.0 to 1.9.2 allowed trusted users to inadvertently configure a potentially malicious XML file. The XML file has the ability to make external calls to services (via XXE) and reveal information such as the versions of Java, Jersey, and Apache that the NiFI ...
CVE-2019-10083
PUBLISHED: 2019-11-19
When updating a Process Group via the API in NiFi versions 1.3.0 to 1.9.2, the response to the request includes all of its contents (at the top most level, not recursively). The response included details about processors and controller services which the user may not have had read access to.