Tufin Advances Automation Capabilities with Tufin Orchestration Suite R18-1.

Latest release includes change automation for Cisco Firepower and automates policy compliance with rule recertification mandates

BOSTON – June 8, 2018 – Tufin®, the market-leading provider of Network Security Policy Orchestration solutions, announced the release of Tufin Orchestration Suite R18-1 with significant enhancements to Tufin’s industry-leading automation capabilities. The release also introduces enhanced support and integration with Cisco Firepower, further advancing Tufin’s Network Security Policy Management (NSPM) solution by uniquely providing automation for Cisco Firepower.

“We continue to devote resources to ensure Tufin provides the industry’s most powerful and comprehensive automation – a decision that is clearly reflected in the enhancements in the release of Tufin Orchestration Suite 18-1,” said Ofer Or, Vice President of Products at Tufin. “Customers are increasingly turning to automation to keep pace with change demands, security mandates, and industry compliance requirements, and we will continue to refine and advance our solutions to meet that need.”  

Enhanced Cisco Support

Tufin Orchestration Suite 18-1 is the first solution to offer change automation capabilities for Cisco Firepower policies, enabling customers using Firepower devices managed by Cisco Firepower Management Center (FMC) to implement access changes in minutes across their complex, hybrid networks. Tufin also offers Cisco customers an automated migration solution from Adaptive Security Appliance (ASA) to Firepower that will help users save time and ensure accuracy and connectivity while enforcing policy compliance. The enhanced Cisco support in TOS 18-1 will allow users to:

• Increase the efficiency and reduce cost associated with access changes in minutes across a hybrid network that includes Cisco Firepower Next-Generation Firewalls (NGFW)
• Eliminate policy misconfigurations and mistakes with change automation support for the Cisco Firepower platform
• Reduce risk of non-compliance with an auditable, documented change process for Cisco Firepower policy changes
• Speed up service delivery with automated change approval and design
• Reduce costs and complexity of migrating from Cisco ASA to Cisco Firepower

“Customers rely on Cisco’s threat-focused, next-generation firewall technology to stop threats and gain insights into their networks. The threat landscape is constantly changing, and the ability to automate and enforce security policy compliance in minutes with support from Tufin is beneficial for security teams,” said Dov Yoran, Senior Director, Strategy & Business Development, Cisco. “With Tufin’s support of Cisco Firepower and the ability to migrate optimized rule sets, our joint customers can realize the benefits of this technology more simply and efficiently across their infrastructure.”

Automating Policy Compliance with Rule Recertification Mandates

With Tufin Orchestration Suite 18-1, customers can fully automate the recertification process to track, monitor and manage the expiration of firewall rules and meet compliance mandates. The new release allows customers in compliance-heavy industries, like retail, to comply with PCI DSS rule review requirements. This enables them to automatically identify expiring rules, speed up processing with full visibility of rule metadata, and automatically re-certify rules across vendors and platforms. As a result, customers can:

• Reduce cybersecurity risk and non-compliance by automatically tracking and recertifying rules with a fully-documented process
• Maintain continuous compliance and simplify audit preparation through the automated enforcement of rule recertification policies
• Increase efficiencies and reduce misconfigurations with end-to-end automation of the recertification process across vendors and platforms
• Retain control over the recertification process flow by leveraging a fully customizable workflow

New Automation Triggers

Tufin Orchestration Suite 18-1 also includes new automation triggers to SecureChange workflows, allowing customers to further customize their change process. New triggers include:

• Trigger before assigning workflow steps - allows customers to use custom logic to automatically escalate approvals, delegate recertification and pull teams into the change process as necessary
• Trigger to run a script upon failure of an automatic step, such as target selection, to ensure automated troubleshooting for tickets
• Trigger and API to confirm that a ticket was resolved on behalf of the requester; for example, when the ticket should be confirmed by a third-party ticketing system

The new triggers increase agility and flexibility in aligning to specific organizational guidelines and simplify integrations with ticketing systems, vulnerability management solutions and other third-party vendors.

Tufin Orchestration Suite R18-1 is available immediately. Visit us at Cisco Live in Orlando, Florida, on June 10-14 to see a demo of Tufin Orchestration Suite R18-1. For more information, please visit: https://www.tufin.com/tufin-orchestration-suite