In order to keep under control the complexity of IT infrastructures, as well as the growing cyber-attacks volume, companies need dedicated network security management applications. Tufin Orchestration Suite is one such solution, providing centralized visualization, analysis, and control of network security policies. Datanet Systems experts also recommend it for the automation of the application’s adjustments for the entire infrastructure and the implementation of the compliance rules and requirements.

The extension, the adoption of new technologies and Cloud services, the changes in business needs, and the applications’ and end users’ requirements are the main factors that transform, over time, computer networks into conglomerates that are difficult to manage and secure.

Faced with an increasing volume of cyber-attacks, IT departments can no longer rely only on classic monitoring and control methods and need management and security solutions with which they can quickly detect and remediate threats.

To support organizations that operate large, geographically distributed networks, and integrate hybrid environments, Datanet Systems recommends Tufin Security Suite. The solution received this year’s “Cybersecurity Excellence Gold Award Winner” within the “Security Automation” category ⁽¹⁾, for its ability to automate and quickly apply changes at the network level, thus enabling companies to reduce the risk of security breaches and breaches compliance requirements.

 

What benefits Tufin Orchestration Suite delivers

With four modules, Tufin Orchestration Suite delivers a centralized network security management platform that ensures IT departments:

• extended visibility over the managed infrastructure and the traffic passing through it;
• the ability to define and apply centralized security policies to control how they communicate in hybrid environments;
• the automation of the design and provisioning processes of the configurations resulting from the changes occurring at the network level and their implementation throughout the infrastructure, in the on-premises and Cloud environments;
• the analysis of the configurations of firewalls, routers, switches, and Cloud platforms to identify security risks, configuration errors, and rules that need to be removed or replaced.
• numerous opportunities to integrate with Cloud platforms, security solutions, and operational tools to enable companies to control in an unified manner the security changes made at the network level.

How the Tufin suite works

The four components of the Tufin Orchestration Suite are:

• Tufin SecureTrack – ensures visibility and control over heterogeneous IT infrastructures, regardless of the type of architecture (traditional networks or Software-Defined Networks) and the environments in which they operate (on-premises, Cloud, or hybrid).

For example, using SecureTrack, companies have visibility at the firewall level, with real-time data on applications’ level of connectivity, defined security policies, changes and potential risks that have occurred. Tufin suite centrally stores all firewall rules and changes made, simplifying their unitary management.

SecureTrack collects information from network components that administrators can use to establish traffic baselines, then use those to allow or block traffic, and apply them in hybrid environments to achieve segmentation. The information is also used to automatically identify configuration errors and remedial actions using Tufin’s topology modelling and analysis suite functionalities.

By continuously monitoring and flagging network changes that create access risks and policy violations, SecureTrack also ensures that compliance requirements are met. The component also automates audit processes, by generating various customized reports based on the requirements of regulations and standards in force (GDPR, PCI-DSS, SOX, etc.)

• Tufin SecureChange –increases the IT departments’ agility and ability to identify, validate, and audit changes in network security.

SecureChange automatically applies security policy changes across the entire infrastructure, reducing operational effort and the risk of configuration errors. Tufin suite can be integrated with numerous ITSM (IT Service Management) operational solutions, thus enabling the use of unified workflows – for example, opening a ticket in the ITSM application can trigger a workflow within the suite to automatically implement changes.

SecureChange provides integrated risk assessment, proactively checking for changes by reporting to existing security policies and compliance requirements, but also to data from external sources – such as vulnerability scores delivered by SIEM or SOAR systems.

Last but not least, SecureChange simplifies audit processes by automatically recording all changes and delivering predefined audit and compliance workflows that can be customized and automated according to each company’s needs.

• Tufin SecureApp – helps IT departments implement applications and ensure compliance with their requirements, monitor their availability and compliance levels, and automate network-wide changes.

SecureApp provides end-to-end visibility into application connectivity using intelligent topology analysis technologies. The component delivers real-time information about connectivity status and provides diagnostic tools that help administrators detect, understand, and automatically fix emerging issues.

SecureApp enables automation of the processes of deploying, defining, monitoring, updating, and uninstalling applications, acting as a centralized interface to accomplish these processes. The component enables companies to automatically discover and inventory all applications running in the infrastructure by analyzing permissions granted on firewalls and network traffic.

• Tufin SecureCloud – provides real-time visibility on the used services and security configurations in Cloud, facilitating a uniform application of policies in hybrid environments.

Using SecureCloud, administrators can view and analyze real-time North/South and East/West traffic to assess settings and grant access and connectivity rights. The component includes an access policy engine that can generate and implement specific rules for each Cloud service used, without affecting the applications’ performance and wasting important resources.

The component flags in real-time any violations of compliance rules and security policies by continuously comparing Cloud security configurations against industry benchmarks (such as CIS) or regulatory frameworks. Thus, by using the alerts proactively issued by the Tufin suite, the IT departments can reduce the risks of exploiting configuration errors.

SecureCloud natively offers multi-Cloud support for IAM (Identity and Access Management) applications, firewall protocols, and various control systems, so that IT departments can benefit from valid information about how established security policies are being followed.

 

Native integration with Cisco solutions

Tufin is one of Cisco’s main technology partners, the suite natively integrates both with Cisco routers, switches, and firewalls, as well as with solutions such as Cisco Application Centric Infrastructure (ACI) or Cisco Secure Workload (the new name of Tetration Analytics).

For example, by integrating Tufin Orchestration Suite with Cisco ACI companies benefit over:

• real-time visibility into IT infrastructure, ACI Fabric topology, communication flows, and traffic;
• automation of security policy changes to be able to quickly provision rules on firewalls in hybrid environments and allocate access rights for deployed applications, thus eliminating the risk of error that occurs when performing manual configurations;
• consistent application of security policies and adherence to compliance requirements by unifying rules management, analyzing risks generated by changes and proactively detecting anomalies and potential threats.

Another useful integration for IT departments is the one between the Tufin suite and the Cisco SecureX Cloud, through which security managers can use up-to-date data about infrastructure topologies, applications, and security policies to run playbooks and automatically translate solution security requirements into network-wide changes.

Tufin Orchestration Suite offers support for integration with numerous equipment and solutions from other manufacturers as well – such as Check Point, Fortinet, Juniper, Palo Alto Networks, etc. –, but also with the platforms of the main Cloud service providers, such as AWS, Microsoft Azure, Google, etc.

 

Main benefits

Using Tufin Orchestration Suite, companies acquire:

• An improved level of protection by optimizing security rules;
• An automated implementation of policy and rule changes across the entire infrastructure;
• Compliance requirements and simplifying audit processes;
• Operational savings.

For example, according to data provided by Tufin customers, they achieved a 50-75% reduction in the effort required to apply changes to network security rules, a 20-30% increase in the productivity of IT departments, and the automatic generation of audit reports. These are results that, according to an analysis of the economic impact carried out by Forrester Research ⁽²⁾, ensure a return on investment (over three years) of 148%, the purchase being amortized within 11 months.

To achieve such results, you can opt for Datanet Systems services – we are an authorized Tufin partner, having numerous implementations of security solutions in various industries, as well as multi-vendor system integrator skills.

For more technical or commercial information about Tufin Orchestration Suite, as well as about the services provided by Datanet Systems specialists, we invite you to contact us at sales@datanets.ro

______________________

1 – https://www.tufin.com/pr/tufin-orchestration-suite-named-2022-cybersecurity-excellence-gold

2 – https://lp.tufin.com/rs/769-ICF-145/images/forrester_research_the_total_economic_impact_of_tufin_security_suite.pdf