Security and firewall management has always been a complex task, but the addition of next-generation firewalls can make things even tougher. While traditional firewalls concern themselves mainly with controlling access of networks through ports and protocols (for example, blocking traffic that is not on Port 80 or blocking UDP traffic), next-generation firewalls look for specific types of application traffic passing through the network. So, for example, a company with a next-generation firewall could block access to Facebook for most employees while allowing marketing and PR personnel to use the social network.
Ruvi Kitov, Tufin's CEO and co-founder, says, "Previously, the whitelist and blacklist were only network-zoned, so you could set 'from anywhere to anywhere, don’t allow telnet.' Now, you can say, 'In all my next-gen firewalls, I don’t want to ever allow Facebook because that’s not corporate policy.' We are enabling administrators to enforce corporatewide policies within Tufin at the user and application level as well."
The Tufin Security Suite 6.0 provides the ability to manage next-generation firewalls from vendor Palo Alto Networks. If a business is set up to use the Tufin tools to manage their security, they no longer have to leave those tools to define application-aware policies for their next-generation firewall.
Among the many new features in the Tufin Security Suite is a topology map for discovering devices on the network. This provides a graphical and interactive view into all connected devices in an organization’s network. Pricing for the Tufin Security Suite 6.0 starts at $20,000.
See more on this topic by subscribing to Network Computing Pro Reports Security That Never Sleeps (subscription required).