Tufin delivers first-to-market functionality with new automatic policy generator (apg), dramatically simplifying firewall policy creation and optimization

Tufin Technologies, the leading provider of Security Lifecycle Management solutions today announced the immediate availability of the Tufin Automatic Policy Generator (APG), an innovative extension of its SecureTrack firewall operations product. By extending SecureTrack to provide automatic policy generation, Tufin enables security operations teams to "bake security in" to network security operations, and in doing so, reduce a significant cause of operational and audit complexity at its source. Native to SecureTrack, the APG is also part of the new version of the Tufin Security Suite (TSS) version 5.0.

"Automating the creation of optimized firewall rule bases is critical to establishing an accurate baseline for increasing network security and reducing operational costs," said Eric Ogren, principal analyst of the Ogren Group. "Well defined firewall rules lower the risk of creating holes in network security, eliminate many of the business disruption issues that can accompany firewall deployments, and reduce the number of costly support calls. Automation ensures that firewall rule bases act on the intelligence discovered from actual observed business traffic."

Automatic Policy Generation: Expanding end-to-end Security Lifecycle Management

The Tufin Automatic Policy Generator (APG), a breakthrough SecureTrack feature, enables administrators to automatically generate a firewall rule base through analysis of firewall log usage. Powered by Tufin's patent-pending Permissive Rule Analysis technology, SecureTrack's APG "watches" firewall traffic for a set period of time, and then automatically generates a refined, accurate and specific rule base optimized to permit business critical traffic.

The infamous 'Any' objects in the firewall rule base, signifying any potential traffic in the source, destination or service, are replaced with actual network addresses and services, eliminating overly permissive rules that increase the risk of for unauthorized or curious users gaining unauthorized network access. The APG can be utilized with all network firewall vendors.

The APG can be used to easily integrate a firewall into a non-firewalled network segment with minimal business disruption. By eliminating the business continuity issues that often come with new firewall deployments, operations teams can secure open network segments in a non-invasive way and retain continuous availability for network services. The ability to painlessly firewall internal network segments also reduces the need to implement potentially questionable or weak compensating controls that might be used for relevant PCI or other compliance requirements.

"It's said that an ounce of prevention is worth a pound of cure, and we have taken that to heart with the APG Add-on," said Shaul Efraim, VP Products, Marketing and Business Development, Tufin Technologies." With the APG, we have introduced automation at a very important and operationally critical juncture - the beginning of the lifecycle - delivering on our vision for end-to end-policy management. We're grateful for the strong customer and channel relationships we have established - it's their feedback that has enabled us to deliver functionality that continues to raise the bar for our class of solutions. "

Tufin has published a white paper on the Automatic Policy Generator, which is available for download at www.tufin.com/APG.

About SecureTrack

Tufin SecureTrack(TM) is the market-leading Security Lifecycle Management solution. SecureTrack enables organizations to enhance security, reduce service interruptions and automate day-to-day tasks through powerful firewall management capabilities and reporting. SecureTrack helps security operations teams to control and manage policy changes, analyze risks, and ensure business continuity and allows managers to easily understand the big picture and align operations with corporate and government security standards.