Tufin Technologies today unveiled its vision for Security Policy Orchestration and launched version R13-3 of the Tufin Orchestration Suite™. Security Policy Orchestration defines a new paradigm for the automated implementation of network infrastructure changes. With Security Policy Orchestration, Tufin customers can automate network layer change processes, enabling them to accelerate service and application delivery and increase IT agility, while maintaining security and compliance throughout the network. Tufin’s broader vision has been formulated following in-depth analysis of industry trends, input from its wide customer base, and input from its growing partner ecosystem.
“Security Policy Orchestration goes far beyond the traditional configuration and risk assessment of individual firewalls.  Interoperability between systems and integration with different network security devices is essential," said Ruvi Kitov, CEO of Tufin. "Over time, our solution has evolved into a centralized platform that enables organizations to automate end-to-end policy management for firewalls, switches, routers, and load balancers."
“The Tufin Orchestration Suite has been a huge asset to our business, enabling us to implement network changes up to 80% faster,” said Fritz Steinmann, Director and Head of Network Engineering at SIX Group Services AG. “Because the vast majority of firewall changes are application related, Tufin actually enables us to roll out applications faster, with best practices for security and compliance baked into the change process itself.  So not only are we more efficient and agile, but as our requirements continue to evolve, Tufin ensures we can adjust our Network Security Policy accordingly.”
Evolution from Policy Management to Policy Orchestration
Tufin has identified a number of recent industry developments in network security operations which necessitate the transition from management to orchestration:
Virtualization has enabled acceleration of the change process at the server level – this, in turn, is creating an increased demand for automation across IT and, specifically, at the network layer
IT organizations are under pressure to match the speed, convenience and self-service provisioning of Cloud environments for internal application deployment
Enterprise networks are becoming larger and more complex with numerous traffic routing and shaping technologies and multiple data centers
Widespread use of stateful and next-gen firewalls for external and internal network segmentation has significantly increased the size of enterprise firewall estates and evolved security policy into complex rule sets that map how business is conducted over the network
The collective impact of these developments on network and security operations tasks has had a profound impact on people, processes and technology. Security Policy Orchestration is a necessity in order to keep up with the demands of the business while ensuring security and preventing an outage or a breach.
 Unveiling the Tufin Orchestration Suite – Version R13-3
The Tufin Orchestration Suite™, reflects the evolution of Tufin’s development strategy over the last several years. Tufin’s product suite consists of three modules: Firewall Management (SecureTrack), Network Change Automation (SecureChange®) and Application Connectivity Management (SecureApp™), and features:
Orchestration of network connectivity changes across distributed data centers and heterogeneous networks
Central management of enterprise firewalls, routers and load-balancers from all major vendors
Network path simulation and automatic identification of the relevant network devices
Automatic verification and documentation of every change
Impact analysis of every network change, before and after it is made
Automatic change provisioning
Orchestration of change processes across business units
Multiple, customizable workflows that automate best practices and organizational processes
Automatic translation of application connectivity needs to technical network requirements
A comprehensive audit trail for every network configuration change within its business context
Continuous compliance and instant audit reports for corporate and regulatory standards
Orchestration of network changes across management systems
A RESTful API framework for integration with systems such as ITSM tools (e.g., BMC Remedy), self-service portals, home grown management systems etc.
Ability to submit network access requests using one simple REST API call across complex, multi-vendor networks
A uniform way to retrieve information about firewall policies and rule sets
APIs for network connectivity management of application and server operations including deployment, migrations and decommissioning