The Tufin Security Suite from Tufin Technologies helps network administrators analyze firewall rule sets. Firewall operations management sounds really complicated, but it essentially boils down to giving administrators information about what changes have been made to the firewall policies, and who made them. Tufin has integrated the software into the T-80, a small appliance that makes it even easier for small businesses to get identify conflicts and to ensure the firewall rules are in sync with corporate policies.
Why Might You Need Tufin?
Networks aren't static. New rules, such as opening up a new port to allow an application to have access outside the network, are often created on the fly and old ones aren't always turned off when they are no longer needed, such as when an application is no longer used and that port doesn't need to be open anymore. Sometimes a new rule conflicts with the old one, or even duplicates the functionality of an existing one. People leave and no one remembers why a certain port was opened or closed. After a while, it is difficult to look at the hodgepodge of rules and know what the firewall is doing.
Tufin gives administrators the ability to create and implement new firewall policies and manage existing rules with a clear audit trail. Say someone decides that a port needs to be opened in order to use an application. The administrator can look at the request against existing corporate and compliance policies, figure out whether opening this port will cause problems for existing rules, and document that the request was made. Later on, when someone else asks why that particular port was open, TSS has all the answers ready at hand.
Who Tufin Is For?
The T-80 is intended for the small- to medium-size business, and it works with a wide range of commercial firewalls, including Cisco PIX, ASA, and FWSM firewalls, as well Fortinet FortiGate, Juniper Netscreen, JunOS, and Palo Alto Networks firewalls. For the purpose of this review, Tufin sent along a NetScreen 5GT from Juniper Networks.
Organizations with multiple firewalls would need something like the T-80 to help keep track of what rules have been applied where. Organizations with strict regulatory and compliance requirements (such as PCI-DSS) can also use the T-80 to ensure the firewall rules are in line with what is needed, and be able to provide auditors with proof. And finally, businesses that have implemented specific firewall rules beyond the basics can rely on the appliance to make sure the rules are doing the job. Even the simplest network with only one firewall can get complicated. A management tool gives administrators some visibility into what is being allowed in and out.
The T-80 can support up to 10 firewalls. While the price of the appliance itself is not that bad, at $1,995, the price tag gets pretty steep once you factor in the price of other software. Customers must buy the 1-year license for SecureTrack for $5,994. For Check Point, Cisco, Juniper Networks, Fortinet, and Palo Alto Networks,SecureTrack has an additional fee of $1,998 per firewall. A 1-year license?SecureTrack Advanced Monitoring, Policy Analysis and Automatic Policy Generator is $445 for each Cisco router or switch, Cisco Nexus switch, and Juniper Networks M/MX Routers being managed. A 1-year license for SecureTrack Basic Monitoring per each Cisco router or switch, or Juniper Networks M/MX routers is $140.
Tufin offers a 30-day evaluation of the appliance before making the investment, and there are also one-time audit licenses to be used during an audit without having to buy the appliance outright. Tufin sells through the channel, so interested businesses will need to work with a certified partner.
Getting ready for this review took a while, because I had difficulty finding a firewall that would work with the T-80. Despite having several business-grade routers and firewalls in-house, it turned out many of them weren't feature-rich enough. It's not exactly a con, but the organization has to make sure to have a next-generation firewall, or one of the IOS appliances from Cisco, deployed before the T-80 or other similar products can be of any use. Organizations who are interested in getting some visibility over their firewall and routers but not having a supported device, would have to look elsewhere for answers, or just tackle the list manually.
Opening the Box
Tufin T-80 comes in a small, square bright blue box. The appliance measures 1.9 inches by 6.5 inches by 6.5 inches and tips the scales at 2.9 pounds. There is a bright blue power button on the front panel which flickers to indicate activity. On the back panel, the appliance has a serial port, a VGA connector, a power outlet, a Gigabit Ethernet port and two USB 2.0 ports.
The appliance ships with a DB9 console cable to use to access the management interface, and a USB flash drive containing documentation and relevant firmware and files needed to recover the appliance in case of failure.
Hooking up the equipment was a snap. I connected the T-80 to the same network that I had deployed NetScreen 5GT firewall from Juniper Networks. I accessed the management interface using a computer on the same subnet as the firewall and the T-80. The network was set up so that the T-80 management machine and the firewall were on the subnet. I also could have used the crossover cable to directly connect the T-80 to the management server to set up the appliance.?Next: T-80 Setup, Management Interface
Source: http://feedproxy.google.com/~r/ziffdavis/pcmag/~3/XVD-bcuxkIc/0,2817,2411196,00.asp
air jordans pecan pie recipe prince philip sugar cookie recipe sugar cookie recipe how the grinch stole christmas macaroni and cheese
কোন মন্তব্য নেই:
একটি মন্তব্য পোস্ট করুন