Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


03:05 PM
Dark Reading
Dark Reading
Products and Releases

Stonesoft And Tufin Deliver Integrated Security Management Capabilities Enhancing Situational Awareness And Network Automation

Companies announce completion of first phase of the integration of their management interfaces

MORRISTOWN, N.J. and HELSINKI, Dec. 3, 2013 /PRNewswire/ -- The cyber security expert Stonesoft, a McAfee Group Company, and Tufin Technologies, the market leading provider of Security Policy Orchestration solutions, today announced the completion of the first phase of the integration of their management interfaces. The joint solution combines Stonesoft's contextual awareness with Tufin's security policy orchestration to provide joint customers with enhanced network security controls and a more holistic approach to managing increasingly complex, dynamic, multi-vendor networks. Tufin is the first vendor to integrate with Stonesoft's new Security Management Center API.

Operational leverage

As an enabler of agile and secure operations, the role of network management has become fundamental for organisations. Simultaneously, as networks expand and become more complex, their management becomes increasingly challenging, having to support new technologies and multiple vendor solutions across the organisation. The seamless integration of different management components and tools helps organisations attain a holistic approach to network management that is both secure and efficient.

"Our mutual customers will gain additional value from Tufin and Stonesoft's established relationship as we move into the second phase of integration and beyond," said Reuven Harrison, CTO, Tufin. "We look forward to our continued work with Stonesoft to ensure our customers can ensure Security Policy is always in line with business without sacrificing compliance, efficiency or agility."

Holistic approach to policy management

The Security Management Center (SMC), part of the visionary Stonesoft Next Generation Firewall, provides an Application Programming Interface (API) with the 5.6 release. While the SMC makes management of the Next Generation Firewall smooth and easy, this API simplifies integrations between the SMC and third party management systems. The REST architecture-based SMC API enables network managers to automate tasks such as element and rule addition, editing and removal.

The Tufin Orchestration Suite(TM) is a centralised policy management system spanning over multiple technologies and vendors. Version R13-3 of the Tufin Orchestration Suite adds Stonesoft's SMC to its wide range of supported network devices.

The initial phase of the integration via the SMC API enables users to manage network topology, view and analyse policies, as well as track policy changes through the Tufin Orchestration Suite. It also provides tools that assist mutual customers in meeting regulatory compliance standards such as PCI-DSS and SOX.

"The integration between Stonesoft and Tufin provides new opportunities for our mutual customers to achieve the best possible situational awareness and network automation in multi-vendor environments," said Tero Jantunen, SMC Product Architect, Stonesoft, A McAfee Group Company.


Management integration is available with Stonesoft NGFW release 5.6 and Tufin R13-3. Stonesoft 5.6 and Tufin R13-3 are both immediately available.


-- SMC API user's guide


-- Tufin Security Policy Orchestration/R13-3 Press Release


About Stonesoft, a McAfee Group Company

Stonesoft protects valuable information and digital assets through integrated and centrally managed Next Generation Firewall/VPN, intrusion and evasion prevention system technologies. Stonesoft's product portfolio provides organisations the highest level of cyber security, investment protection, operational resilience, situational awareness, centralised command and control and resource optimisation. Stonesoft's unified software core enables an adaptive and agile advantage, as well as cost efficiency over hardware- and blade-based competitors. Stonesoft has the highest customer retention rate in the industry due to low TCO, a flexible licensing model and overall customer service excellence. Stonesoft is widely recognised for its research of advanced evasion techniques (AETs) used in targeted cyber attacks. Leading independent test labs and analysts rank its products high in NGFW features, AET protection and manageability. Founded in 1990 and acquired by McAfee in 2013, Stonesoft is part of McAfee's Security Connected approach creating the world's most comprehensive security offering.



About Tufin Technologies

Tufin® is the leader in Security Policy Orchestration, automating and accelerating network infrastructure changes while maintaining security and compliance. By improving network change processes, organisations using the Tufin Orchestration Suite(TM) will have a positive impact on the business by reducing the time and cost spent implementing network changes by up to 80%. Taking a holistic view of IT, the Tufin Orchestration Suite helps organisations automate security and efficiency into day-to-day operations, enabling them to be more agile and leverage technology to gain a competitive advantage. Founded in 2005, Tufin serves more than 1,200 customers in industries from telecom and financial services to energy, transportation and pharmaceuticals. Tufin partners with leading vendors including Check Point, Cisco, Juniper Networks, Palo Alto Networks, Fortinet, F5, Stonesoft, Blue Coat, McAfee and BMC Software, and is known for technological innovation and dedicated customer service.

For more information visit www.tufin.com, or follow Tufin on:

-- Twitter: http://twitter.com/TufinTech

-- Facebook: http://www.facebook.com/Tufintech

-- LinkedIn: http://www.linkedin.com/companies/tufin-technologies

-- BrightTalk:


-- YouTube: http://www.youtube.com/user/Tufintech

-- The Tufin Blog: http://www.tufin.com/blog

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Cartoon Contest
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-01-25
The MediaWiki "Report" extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of Medi...
PUBLISHED: 2021-01-25
ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a "zip-slip" vulnerability. The directory support feature allows the ...
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions < 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...
PUBLISHED: 2021-01-25
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting