Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk //

Compliance

8/11/2015
10:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Tufin Launches Latest Release Of Its Orchestration Suite

August 5, 2015 – Morristown, New Jersey – Tufin<http://www.tufin.com/>® today announces the launch of the latest release of the award-winning Tufin Orchestration Suite<http://www.tufin.com/products-solutions/products/orchestration-suite/>™ R15-2 which enables organizations to efficiently manage, visualize and control security policies across their entire physical network and hybrid cloud platforms through automation and analytics. Tufin Orchestration Suite R15-2 brings customers improved security through automated application connectivity decommissioning and adds additional controls for compliance needs like NERC and PCI DSS 3.0. New visibility & control capabilities are now also available for OpenStack private and public clouds.

Some of the highlighted new capabilities in R15-2 include:

New Automation Capabilities to Reduce the Attack Surface:

•         Automated Decommissioning of Application and Network Access –automatically detect and shut down unused and obsolete firewall rules and objects.

•         Extended support for Palo Alto Networks – Fully automated design and change provisioning for Palo Alto Networks to automate changes to its next-generation firewalls.

New Security Controls:

•         Improved Visibility for Compliance and Governance - Ensures tighter control over security policies and compliance with industry standards such as PCI DSS 3.0 and NERC CIP V5.

Clearer visibility & control over heterogeneous networks:

•         Support for OpenStack – R15-2 also extends support for the open-source cloud platform, offering full visibility of the configuration of OpenStack Instances and Security Groups, as well as giving organizations the ability to track and monitor any changes.

•         Multi-tenancy for Managed Service Providers and Overlapping IP Networks – R15-2 significantly improves functionality for organizations managing multiple domains for different customers. It allows users to easily manage network segmentation for multiple domains while maintaining strict separation between different customers or business units. Users also gain immediate insights into security and compliance violations in different domains, as well as automation support for large organizations with networks containing overlapping IP address ranges.

The new release also introduces a raft of other enhancements including new capabilities to improve workflow automation, scalability, reporting, topology analysis, policy browsing and authentication, as well as support for a wider range of third-party products and services.

Ofer Or, VP Products at Tufin, said: “The Verizon Data Breach Investigation Report 2015 estimated that $400m[i] is lost from compromised records and 60% of incidents can be attributed to errors made by administrators. Only through effective security orchestration can organizations hope to guard effectively against the growing threats we face from ever-more sophisticated and determined hackers. That’s why we’ve focused this release on security as well as agility to make it simpler and quicker than ever for our customers to ensure policy compliance and minimize the risks to their organizations across physical, virtual and cloud environments.”

Availability

Tufin Orchestration Suite<http://www.tufin.com/products-solutions/products/orchestration-suite/>™ R15-2 is generally available today. For more information or to request an evaluation, visit http://www.tufin.com/products-solutions/products/orchestration-suite/.

About the Tufin Orchestration Suite

The Tufin Orchestration Suite<http://www.tufin.com/products-solutions/products/orchestration-suite/>™ is a complete solution for automatically designing, provisioning, analyzing and auditing network security changes from the application layer down to the network layer. It minimizes errors and redoes for rapid service delivery, continuous compliance and business continuity.

Tufin provides world-class security policy orchestration solutions that enable organizations around the world to manage network configuration changes accurately and efficiently.  By orchestrating complex processes involving multiple teams, applications, servers and network devices, Tufin addresses the challenges of a variety of stakeholders throughout the organization, while enabling them all to collaborate more effectively. Find out more at www.tufin.com<http://www.tufin.com/>

 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: I can't find the back door.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
New Best Practices for Secure App Development
New Best Practices for Secure App Development
The transition from DevOps to SecDevOps is combining with the move toward cloud computing to create new challenges - and new opportunities - for the information security team. Download this report, to learn about the new best practices for secure application development.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21275
PUBLISHED: 2021-01-25
The MediaWiki &quot;Report&quot; extension has a Cross-Site Request Forgery (CSRF) vulnerability. Before fixed version, there was no protection against CSRF checks on Special:Report, so requests to report a revision could be forged. The problem has been fixed in commit f828dc6 by making use of Medi...
CVE-2021-21272
PUBLISHED: 2021-01-25
ORAS is open source software which enables a way to push OCI Artifacts to OCI Conformant registries. ORAS is both a CLI for initial testing and a Go Module. In ORAS from version 0.4.0 and before version 0.9.0, there is a &quot;zip-slip&quot; vulnerability. The directory support feature allows the ...
CVE-2021-23901
PUBLISHED: 2021-01-25
An XML external entity (XXE) injection vulnerability was discovered in the Nutch DmozParser and is known to affect Nutch versions &lt; 1.18. XML external entity injection (also known as XXE) is a web security vulnerability that allows an attacker to interfere with an application's processing of XML ...
CVE-2020-17532
PUBLISHED: 2021-01-25
When handler-router component is enabled in servicecomb-java-chassis, authenticated user may inject some data and cause arbitrary code execution. The problem happens in versions between 2.0.0 ~ 2.1.3 and fixed in Apache ServiceComb-Java-Chassis 2.1.5
CVE-2020-12512
PUBLISHED: 2021-01-22
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting