Feature

Product review: Tufin's Tufin SecureTrack 4.1

Ezine

This article can also be found in the Premium Editorial Download "Information Security magazine: Security Readers' Choice Awards 2008."

Download it now to read this article plus other related content.

Policy ControlB  
Although you can view firewall policies within Secure-Track, you have to use the respective Check Point, Cisco and Juniper native firewall interfaces to make changes or update configurations. We'd like to see a tool that can analyze and actively manage multiple types of firewalls for heterogeneous environments.

You'll spend most of your time in the Compare and Analysis interfaces. The Compare view allows you to see current rules, objects and global properties, offering a side-by-side comparison of current and previous versions. This is also where you can browse and drill down into firewall objects and properties, including any changes made. The revisions component is useful and allows you to view changes incrementally.

The Analyze tab allows you to make simple and effective queries, providing quick insight into any rule set. When you use the comparison and analysis tabs together, you can find conflicting and high-risk rules. Overlapping rules or gaps in rule sets between firewalls can lead to an unpredictable or insecure configuration. This risk assessment capability goes a long way toward helping you mitigate these issues.


    Requires Free Membership to View

ReportingB  
SecureTrack has a number of features that provide value beyond simple reports, especially the ability to have reports emailed on a set schedule. Reports are fully customizable and include rule usage, rules and policy changes, and even node-specific object changes such as user membership, and OS modifications. Rule usage shows what firewall rules are triggered most, revealing unused or unnecessary rules.

These reports can be filtered by date, firewall, or nearly any other specific criteria. In addition to the canned reports, compliance and regulatory reports can be defined manually with custom policies that identify problem rules.

On the downside, the rule usage feature is currently not available for Cisco and Juniper firewalls.


Verdict
Tufin has done a very good job of creating a centralized management solution, primarily for Check Point firewalls deployed in distributed environments. It should have broader application with enhanced Cisco and Juniper support, planned for the next release.



Testing methodology: Our lab included a single instance of SecureTrack on Red Hat, two Check Point firewalls and one Cisco firewall. Rules were imported from production environments.

This was first published in April 2008

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: