Management BYOD Infrastructure IoT Storage Security Privacy

Current Filter: Network>>>>>Review>

PREVIOUS

Filtered Articles:2 of 104   Current Article ID:5511

NEXT



Tufin Orchestration Suite 15.1

Editorial Type: Review     Date: 05-2015    Views: 9120      







As enterprise networks become ever more complex, administrators struggle to find a balance between a timely response to changes in business demands and ever stricter data protection

Orchestration Suite from Tufin responds by delivering a rapid response resource to automate security policy configuration across heterogeneous platforms, including physical networks, private and public cloud, to establish defined change management and compliance practises.

Seamlessly integrated into a single console, Orchestration Suite comprises Tufin's star security players - SecureApp, SecureChange and SecureTrack. They provide end-to-end network security and link application access provisioning, change management workflows and automated firewall rule deployment. New features extend security policy management to cloud services such as Amazon Web Services, OpenStack and VMware NSX and on-premises network access devices. Unified security policies also allow applications to be securely migrated from one network zone to another.

Tufin offers a unique approach to network security as administrators no longer need to get down and dirty with firewall rules. SecureApp works closely with SecureChange and is used to create lists of business applications and the connections they rely on to correctly function.

From the console, you define traffic sources, service ports and traffic destinations. These can be anything from a server or service, to a user or a host PC; multiple connections can be assigned to each application using drag and drop operations.

On completion, SecureApp checks their status by querying the SecureTrack topology maps to discover if the connection already exists and if it is active. Change management now comes into play as SecureApp passes the application connection request directly to SecureChange. This automatically issues a ticket for the request and creates the necessary workflow processes. These describe a strict sequence of procedures required for change submission, design, risk assessment, approval and implementation.

Participants or users declared to SecureChange are assigned the task of dealing with the request. These can be assigned automatically and the next available participant will be allocated the job. Dynamic assignments allow workflows to pass tasks to specific participants based on conditions such as the request content. Workflows can also run multiple steps in parallel which will be useful where different risk assessments are carried out by various departments - but all will need to approve the request.

The policy change advisor in SecureChange queries security devices and suggests where rules should be correctly placed for the application connection request. It works in tandem with SecureTrack and uses its compliance policies to see if the suggested firewall rule changes are acceptable or could cause violations. It then presents for approval the list of new firewall rules and changes to existing ones to the firewall administrator. Once satisfied they simply sign them off and SecureChange instructs SecureTrack to make the necessary changes to the firewall or network access device.

The Orchestration Suite console is very well designed and opens with the SecureTrack Dashboard displaying all declared network devices in the left pane. The main window provides at-a-glance views of security issues and their severity, authorised and unauthorised changes and a to-do list of issues to be investigated.

Both SecureChange and SecureApp are accessed directly from the same console and the latter shows the status of all active applications. If subsequent changes to a firewall break an application connection, SecureApp sends out alerts via email and it continuously monitors application connection status and provides a full audit trail of all changes made.

Orchestration Suite means never having to deal with firewall rules again. It takes the pain out of IT change management by delivering joined up application provisioning while tight integration across the three suite elements ensures that security isn't compromised at any stage. NC

Product: Orchestration Suite 15.1
Supplier: Tufin Technologies
Contact: +44 (0) 7780 463090
Web site: www.tufin.com

Like this article? Click here to get the Newsletter and Magazine Free!

Email The Editor!         OR         Forward ArticleGo Top


PREVIOUS

                    


NEXT