Tufin™ is the leading provider of Security Lifecycle Management solutions that enable companies to cost-effectively manage their network security policy, comply with regulatory standards, and minimize risks.


Firewall Operations Management

Tufin SecureTrack gives you in-depth visibility and control over all of the network and next-generation firewalls, routers and switches on your network. SecureTrack features real-time change tracking, automatic policy generation, rule and object usage analysis, and many more tools that increase accuracy and productivity every day.

Central Management – A unified top-down view of all network and next-generation firewall policies, routers and related network devices from all of the leading vendors. Supports comparison and analysis of revisions using the vendor’s native conventions.

Change Tracking – Continuous, real-time configuration change monitoring for network and next-generation firewalls as well as routers, switches and other devices. SecureTrack detects and reports changes and maintains a complete audit trail for full accountability.

Policy Optimization – Analysis of even the largest, most complex firewall rule bases to identify unused or shadowed rules and objects. Eliminates security loopholes, improves performance, and eases maintenance.

Policy and Risk Analysis – Simulates policy behavior to analyze risk and business continuity. Tests whether a traffic pattern is currently blocked or allowed and provides recommendations for corrective action.

Network Topology – Discovery of network topology and creation of a dynamic map including firewalls, routers and network zones. Automatic identification of relevant devices and zones in requests, queries and reports.

Rule Recertification – Automatic identification of expired rules so that they can be reviewed, documented and recertified as needed.

Automatic Policy Generator – Reviews the security policy and assigns a permissiveness score to every rule. Based on in-depth analysis of network traffic, SecureTrack defines a comprehensive firewall policy that ensures business continuity while eliminating overly permissive rules.

Firewall OS Monitoring – Monitors critical firewall operating system components and server performance indicators to prevent configuration errors and enable effective auditing.

Product Delivery – Central management of multiple, distributed Tufin T-Series appliances from a single console. Provides scalability for large datacenters or multiple sites.

Auditing & Compliance

Tufin SecureTrack enables you to continuously comply with standards and successfully pass security audits. Featuring customized corporate security policies, automatic compliance alerts and built-in reports such as PCI DSS 2.0, SecureTrack enables you to prepare for audits up to 3 times faster than before.

Audit Trail – Real-time configuration change monitoring for firewalls, routers, switches and other devices that maintains a complete audit trail for full accountability.

Corporate Compliance – Definition of a custom, corporate compliance policy through a convenient GUI, combined with continuous compliance tracking and triggered alerts in case of violation.

Security Risk Report – The automated Security Risk Report shows your current Security Score and risk trends through assessment of predefined risk factors and your organization’s own compliance policies.

PCI DSS Report – The PCI DSS report instantly demonstrates compliance with the latest version of the payment card industry standard.

Best Practice Audits – Analysis of a wide range of industry best practices that contribute to a tight, secure and maintainable security policy.

Cisco Device Configuration Report (DCR) – Checks for common security settings and misconfigurations critical for overall device and network security in Cisco routers and switches.


SecureChange fully automates the security change request process to proactively reduce risk and enforce corporate policies. With unique security-aware technology, SecureChange complements existing help-desk systems and helps network security and operations teams to increase efficiency and accuracy.

Task Management – Intuitive, Web 2.0 interface makes it easy for users and administrators to manage their security related tasks.

Customizable Workflows – Unlimited number of customizable workflows to accommodate organizational processes, different roles and permissions, and separation of duties. Easy to create and customize with the graphical workflow editor.

Proactive Risk Analysis – Process-driven, enforced risk analysis prior to approvals and configuration change implementation.

Executive Dashboard – Graphical reports on the accuracy and efficiency of the change management process.

Policy Change Advisor – Productivity tool that helps administrators to rapidly design secure, accurate configuration changes.

SLA Tracking – Definition and tracking of service level agreements for request workflows and for individual steps from submission through verification.

Ticket Verification – Automatic comparison of actual configuration changes to the original access request ensures that the request was fulfilled accurately.

Integration with Ticketing Systems – Rapid integration with BMC Remedy and other ticketing systems to seamlessly extend corporate service management processes to include security intelligence.

Product Delivery – Central management of multiple, distributed Tufin T-Series appliances from a single console. Provides scalability for large datacenters or multiple sites.

If you have a question or a comment, or would like more information or a demonstration, please let us know by completing the Contact Us box on the right side of this page.