Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

1/26/2010
02:47 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Tufin Rolls Out New Version of Firewall Management Tool

TSS 5.1 features the Tufin Security Score, a risk scoring engine that provides visibility into the security and compliance posture of firewalls, enhanced workflow automation, and updated PCI-DSS reporting

January 19, 2010 " Ramat Gan, Israel - Tufin Technologies, the leading provider of Security Lifecycle Management solutions, today announced version 5.1 of its award-winning Tufin Security Suite (TSS). TSS is the combined offering of Tufin's flagship firewall operations product, SecureTrack, and Secure Change Workflow, its innovative change management solution. Version 5.1 features the Tufin Security Score, a risk scoring engine that provides all stakeholders with instant visibility into the security and compliance posture of their firewalls, enhanced workflow automation, and updated PCI-DSS reporting. With TSS 5.1, Tufin once again sets the bar for what any organization looking to automate network security policy and change management should expect in terms of functionality, business value, and ease of use.

"With highly dynamic networks, finding and eliminating network security risks as soon as - or even before they happen is a prime objective," said Colin Miles, Corporate Network Manager, Virgin Media. SecureTrack's new Security Score automates risk management in a very useful way, making it much easier to manageably and consistently to spot trends and identify issues that require immediate attention. Tufin's focus on automating more complex security change processes is exactly the kind of innovation that is needed within the industry. With every release, Tufin demonstrates how well it understands the challenges its customer face by delivering enhancements that enable us to be more strategic and make better decisions."

Tufin customers report that deploying TSS cut the time and cost of firewall operations in half, resulting in a return on investment in less than eight months. By further automating risk and change management, Tufin extends additional time and cost savings to areas that are either still highly manual in nature or have only baseline automation, enabling organizations reap dramatic, quantifiable efficiency gains.

"Technology such as Tufin's, that provides a clear picture into what would otherwise be difficult for operational teams to consistently manage, adds some much needed science to the art of managing network security," said Scott Crawford, EMA. "Sifting through numerous firewalls from multiple vendors, each with hundreds of rules, just to pinpoint why a seemingly straightforward policy change caused a significant outage or problem is incredibly painful " yet this is all too often the day-to-day reality in hundreds of enterprises. Tufin offers a very practical solution whose strength lies in its ability to simplify this complexity and make firewall management more realistic, not just for the large or complex enterprise but for any organization that struggles with this all-too-common reality."

TSS 5.1: Delivering Metrics that Matter, Productivity-increasing Process Tufin's new risk report enables administrators to vet firewalls across a wide set of predefined and customizable factors. When the analysis is complete, each device is assigned a unique Security Score. TSS provides the Security Score of each firewall gateway and also provides a comprehensive, cross vendor, organizational level score. This provides non-technical stakeholders with a clear understanding of the nature and level of overall network security risk and technical stakeholders with the granular, actionable data they need to manage it accordingly.

On the change management front, Tufin has automated complex, parallel workflows, enabling a trouble ticket to be dynamically split into concurrent activities and divided up between different administrators or groups of administrators to follow up on. The ability to support parallel workflows provides greater flexibility when automating complex business processes and substantially reduces the time it takes for policy changes to be crafted, approved, tested and implemented. TSS 5.1 also features deeper integration with BMC Remedy, so that all changes can be managed in Remedy while retaining the security elements inherent in SecureChange Workflow workflows.

TSS 5.1 also features enhanced support for Fortinet VDOMS. Already a FortiVerified partner, Tufin is committed to its partnering with industry leaders and innovators. TSS is architected to easily integrate into highly heterogeneous environments which include full support for logical and virtual environments " an important distinction as companies continue to explore virtualization as a way to reign in costs. Also in this version is an updated PCI 1.2.1 report, in line with the latest specification of the PCI DSS standard.

"In a market that is quickly growing in size and expanding in scope, and with feedback from more than 500 customers, we are extremely focused on what will provide the greatest return in the shortest time to our customers," said Reuven Harrison, CTO, Tufin Technologies. "By enabling our customers to implement standardized, scalable, transparent and auditable processes, we mitigate the risk stemming from operational complexity. This allows them to focus on more proactive, strategic decision making, which in turn fuels our ability to deliver functionality such as the new Risk Report or the APG, our rule base optimization engine, that enables them to execute on those decisions faster and easier."

Pricing and Availability TSS 5.1 will be Generally Available in February 2010. Pricing starts at $20,000.

About Tufin Security Suite Tufin Security Suite (TM) (TSS) is industry's first comprehensive Security Lifecycle Management solution. Seamlessly integrating its award-winning SecureTrack and SecureChange Workflow solutions into an open, extensible and distributed architecture, TSS features full interoperability with Check Point, Cisco, Juniper, Fortinet, F5, Blue Coat and others, TSS provides the capacity to automate security policy management for any device in the Security Lifecycle Management eco-system, enabling organizations to reduce the cost of security operations and compliance while increasing operational efficiency, tightening network security, and ensuring business continuity.

About Tufin Technologies, Inc. Tufin is the leading provider of Security Lifecycle Management solutions that enable companies to cost-effectively manage their network security policy, comply with regulatory standards, and minimize IT risk. Tufin's products SecureTrack and SecureChange Workflow help security operations teams to manage change, minimize risks and dramatically reduce manual, repetitive tasks through automation. With a combination of accuracy and simplicity, Tufin empowers security officers to perform reliable audits and demonstrate compliance with corporate and government standards. Founded in 2005 by leading firewall and business systems experts, Tufin serves more than 500 customers in industries from telecom and financial services to energy, transportation and pharmaceuticals. A respected member of the network security community, Tufin partners with leading vendors including Check Point, Cisco, Juniper, Fortinet and F5, and is committed to setting the gold standard for technological innovation and dedicated customer service. For more information visit www.tufin.com, or follow Tufin on: Twitter at http://twitter.com/TufinTech, LinkedIn at http://www.linkedin.com/groupRegistration?gid=1968264, FaceBook at http://www.facebook.com/group.php?gid=84473097725, The Tufin Blog at http://tufintech.wordpress.com/, The Tufin Channel on YouTube at http://www.youtube.com/user/Tufintech

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
IoT Vendor Ubiquiti Suffers Data Breach
Dark Reading Staff 1/11/2021
The Data-Centric Path to Zero Trust
Altaz Valani, Director of Insights Research, Security Compass,  1/13/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).