Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

9/19/2012
02:35 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Tufin Launches SecureApp

Provides a central repository for application connectivity data

Ramat Gan, Israel, September 19, 2012 - Tufin Technologies, the market-leading provider of Security Policy Management solutions, today unveiled a brand new product, SecureApp(tm). SecureApp was developed to address what firewall administrators cite as one of their biggest challenges: managing the network connectivity of enterprise applications. As verified in a survey conducted this month among more than 100 network security professionals, 9 out of 10 organizations say that the most common reason for a firewall change request is application connectivity related. Almost one third said they believed a rule change related to a new application may have caused a breach, and 31% deploy a new application each week. Despite the sophisticated automation offered by existing firewall management solutions, managing application connectivity has remained a manual and error prone process.

"We were already a big fan of Tufin's products, but SecureApp is a game-changer," said Christoph Littwin, Head of Telecommunications, SIX Group. "The majority of our firewall changes are application related. We knew we were spending far too much time on tasks like application deployment and decommissioning, and wanted to manage application-related firewall changes from a business process perspective instead of hunting for connectivity data spread across our entire infrastructure. We found nothing on the market and even considered developing and implementing our own tool. When Tufin showed us SecureApp our requirements were almost identical, and we immediately moved forward. We are delighted with the product and applaud Tufin for its ongoing innovation."

"While Next Generation Firewalls are moving the industry forward by making firewalls application-aware, network security operations must also move forward by evolving firewall management practices to be application-connectivity aware," said Jim Frey, managing research director, Enterprise Management Associates. "That means starting 'top-down' with application-specific policy management, so business-facing activities such as adding or de-commissioning applications can be linked directly to security infrastructure changes. Tufin has taken precisely this approach with SecureApp, which puts an application connectivity-centered front end on their established firewall management solution. The new combination offers a sure opportunity to improve communication with application owners while also increasing efficiency, accuracy, integrity, and policy compliance."

Introducing Tufin SecureApp

An integral part of the Tufin Security Suite, Tufin SecureApp is the first product of its kind. It provides a central repository for application connectivity data and presents it in a way that network administrators and application owners can easily and strategically leverage to deploy, modify, de-commission, monitor up-time and troubleshoot application connectivity issues.

SecureApp enables application teams and network teams to finally communicate accurately, eliminating the misunderstandings that lead to errors, wasted time, and unnecessary security and compliance exposure. It improves IT processes by abstracting application connectivity data from the network security policy, putting it in the context of the organization's business requirements, rather than forcing administrators to manually extract it from the rule base where it is dispersed across numerous firewalls, routers and potentially thousands of rules.

Tufin executives provide a deeper dive on the business case for SecureApp at http://bit.ly/QjHwXf.

The major components of SecureApp include:

• Visual Application Connectivity Editor: An intuitive interface for defining and documenting an application's network connectivity requirements at the level of network source, service and destination. No understanding of the network firewalls or routing is required.

• Application Deployment: Create SecureChange tickets with a change request for implementing the required application-related change requests on the network security infrastructure.

• Application Decommissioning: Automatically identify the policy rules that need to be changed or removed across all affected firewalls and routers, eliminating unneeded access that can lead to a breach or a compliance violation.

• Connectivity Status Monitoring: View the status of every application connectivity requirement based on real-time analysis of security policies, coupled with network topology path analysis.

• Central Application and Server Repository: A central library of all enterprise applications with drill-down capability into individual users, servers and connectivity needs.

• Application Lifecycle Management: Manage all of your applications' network requirements from initial deployment through maintenance and decommissioning.

• Application Audit Trail: Maintain a history of all changes to application connectivity including tickets and firewall rules/ACLs.

For a full list of features, please visit http://bit.ly/QjHONN.

"Tufin SecureApp delivers firewall management functionality that maps to how firewalls are actually being used today, as opposed to 20 years ago when they were being used strictly for perimeter protection," said Mark Jones, CEO, SOS Security. "It's amazing how such a simple premise – automating firewall management based on business requirements, as opposed to framing business requirements around the limitations of existing

technology, can eliminate so much complexity and radically simplify firewall operations. Tufin already drives a significant amount of business for us, and we anticipate SecureApp will be a lucrative and popular addition to our firewall operations management portfolio."

"When we asked our customers where they were spending the most time and energy, the answer was almost always applications," said Ruvi Kitov, CEO, Tufin Technologies. "Since application owners don't speak 'firewall', there were often miscommunications between the application teams and the network teams, resulting in a wide range of compliance, business continuity, and other process problems. We decided that a new, application-oriented paradigm would solve those problems, and if the feedback we have received is any indicator, we are confident SecureApp will revolutionize firewall policy management."

Pricing and availability

SecureApp is available immediately. Pricing is contingent on SecureTrack and SecureChange licensing, with base list price starting at $45K for up to 10 managed applications.

About Tufin Technologies

Tufin&trade is the leading provider of Security Policy Management solutions that enable organizations to take control their firewalls. More than 1000 companies have deployed the award-winning Tufin Security Suite to proactively manage risk, continuously comply with standards, and keep business-critical applications online. The Tufin Security Suite (TSS) consists of three products: SecureTrack, SecureChange, and Tufin's most recent innovation, SecureApp. TSS enables IT to automate and centrally manage security policies across a wide set of network infrastructure, including traditional and next-generation firewalls, routers, switches and load balancers. With a unique, application-oriented approach, Tufin simplifies and streamlines firewall operations, slashing the time spent on policy management by up to 75%. Founded in 2005, Tufin serves customers in every industry including finance, telecommunications, transportation and energy, and partners with Check Point, Cisco, Juniper Networks, Fortinet, F5, Palo Alto Networks, McAfee and BMC to provide the most comprehensive solutions available.

For more information visit www.tufin.com, or follow Tufin on:

• Twitter: http://twitter.com/TufinTech

• Facebook: http://www.facebook.com/Tufintech

• Google+: https://plus.google.com/s/tufin

• LinkedIn: http://www.linkedin.com/companies/tufin-technologies

• YouTube: http://www.youtube.com/user/Tufintech

• The Tufin Blog: http://www.tufin.com/blog

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.