Buy the book at
www.amazon.com/author/paulbabicki
Today's blog is actully a glowing review from SC Magazine fron 11/2016.
If there is an interest in the product, please contact Tabula Rosa:
www.tabularosa.net
========================================================
November 01, 2016 scmagazine.com
Product Information
Tufin Orchestration Suite
Quick Read
Strengths: Very
good visibility of the enterprise and the policy-related activity on it. Tight
integration of the three core modules is a big plus. We really liked the web
portal – lots of good support features there.
Weaknesses: A
lot of manual setup and management is necessary giving the product a bit of an
old-school feel.
Verdict: We
would like to see some form of auto discovery beyond what is available
currently. Verdict This one is well worth your time, but be sure that you have
everything on your enterprise identified so that the Suite can access it and
collect data.
Rating Breakdown
SC Lab Reviews
Reviews from
our expert team
Features:
Documentation:
Value for Money:
Performance:
Support:
Ease of Use:
5/5
Summary
The
Orchestration Suite actually comprises three products: SecureTrack dashboard
(change tracking, risk analysis, etc.), SecureChange (change
automation-ticketing) and SecureApp. It provides end-to-end, policy-based
change automation that provides necessary security and compliance checks for
each change, boosts agility and security of application migration with
automated provisioning and built-in security and compliance, supplies risk
analysis against the enterprise security policy baseline and provides automated
change design.
Basically, the
Suite orchestrates the management, application and change control for security
policies across networks. It integrates cleanly with third-party products and
supports compliance with most regulatory requirements. Although it is housed in
a physical appliance supplied by Tufin, it can support cloud-based
environments, such as Amazon Web Services. The appliance can be installed in a
virtual environment but it must be on premises to enable poling the devices on
the network.
One of the
product's most valuable functions is doing comparisons to show what has changed
on the enterprise. However, because it does not do auto discovery, this can be
a tedious process and may not be completely reliable. Change discovery is only
as reliable as the system's knowledge of what devices on the enterprise may be
subject to change. While the Suite consumes data from third-party tools -
certainly an acceptable approach - the data on enterprise devices are only as
accurate and complete as what is provided by the third-party tool.
A key benefit
of Orchestration Suite is users gaining visibility of what is going on in the
enterprise presented under a single pane of glass. The SecureTrack module is,
actually, that pane of glass, at least as a starting point. It proved an
excellent dashboard and it was where we landed when we began the evaluation. We
were presented with a high-level view of the enterprise and, grossly, what was
going on in it. From the gross view we could tune down to a finer view using
excellent drill down.
There is a
solid policy generator that helps select the level of permissiveness of rules.
The product has a unified security policy and the user can create matrices that
help put various findings in context. Although Tufin provides rule templates,
you will need to map the network into zones. We found this tedious - mapping
usually is - but we know of no way around it given the architecture of the
product.
However, Tufin
does not provide any policies. You will need to create your own (e.g., PCI).
The setup seems to us to be very tedious. For example, the tool does not do
auto discovery. Devices must be added manually or through a third-party tool.
Manual configuration of enterprise devices can be accomplished in a number of
ways. For example, you can use a CSV file generated by some other tool. This
semi-automates the process, but you are at the mercy of the third-party tool's
accuracy and completeness.
The good news
is that a topology map is created by mapping devices that the user adds
manually. Since a lot of risk is generated by reachability, working from a
topology map is a distinct advantage. Of course, all of the tools must have
read-access passwords. But that can be scripted. There is a proprietary
algorithm to do all of this, but in some regards this feels very tedious and
old school to us.
SecureChange is
the change automation module and it is based on workflows. We really liked this
because this type of product can succeed or fail on the basis of how complete
its workflows are. Policy and risk management tools can be extremely tedious to
manage because of their size (in a large enterprise, anyway) and the precision
required for regulatory compliance.
Workflows must
be created and entered manually and, given that all organizations are
different, Tufin supplies templates. However, because large enterprises have
their own workflows, organizations can develop their own templates if they
wish. The tool integrates with ticketing systems, such as Remedy or Service
Now. The workflows automate the ticketing process for violations of policies.
===========================================================================================Tabula Rosa Systems - Tabula Rosa Systems (TRS) is dedicated to providing Best of Breed Technology and Best of Class Professional Services to our Clients. We have a portfolio of products which we have selected for their capabilities, viability and value. TRS provides product, design, implementation and support services on all products that we represent. Additionally, TRS provides expertise in Network Analysis, eBusiness Application Profiling, ePolicy and eBusiness Troubleshooting. We can be contacted at:
===============================================================
In addition to this blog, Netiquette IQ has a website with great assets which are being added to on a regular basis. I have authored the premiere book on Netiquette, “Netiquette IQ - A Comprehensive Guide to Improve, Enhance and Add Power to Your Email". My new book, “You’re Hired! Super Charge Your Email Skills in 60 Minutes. . . And Get That Job!” has just been published and will be followed by a trilogy of books on Netiquette for young people. You can view my profile, reviews of the book and content excerpts at:
www.amazon.com/author/paulbabicki
Anyone who would like to review the book and have it posted on my blog or website, please contact me paul@netiquetteiq.com.
In addition to this blog, I maintain a radio show on BlogtalkRadio and an online newsletter via paper.li.I have established Netiquette discussion groups with Linkedin and Yahoo. I am also a member of the International Business Etiquette and Protocol Group and Minding Manners among others. I regularly consult for the Gerson Lehrman Group, a worldwide network of subject matter experts and I have been contributing to the blogs Everything Email and emailmonday . My work has appeared in numerous publications and I have presented to groups such as The Breakfast Club of NJ and PSG of Mercer County, NJ.
Additionally, I am the president of Tabula Rosa Systems,
a “best of breed” reseller of products for communications, email,
network management software, security products and professional
services. Also, I am the president of Netiquette IQ. We are currently developing an email IQ rating system, Netiquette IQ, which promotes the fundamentals outlined in my book.
Over the past twenty-five years, I have enjoyed a dynamic and successful career and have attained an extensive background in IT and electronic communications by selling and marketing within the information technology marketplace.
=============================================================
No comments:
Post a Comment