04-25-2023 08:44 AM - edited 04-25-2023 08:45 AM
Does anyone have experience using this in a larger environment? Multi vsys? Panorama? HA Clusters and so on. Are there better options available?
Thanks in advance for your time.
04-25-2023 12:25 PM
*disclaimer that this information is a couple years old
If you haven't already decided to move forward with Tufin I'd highly suggest that you look at Firemon instead. I've worked with several companies that used Tufin in their deployments and assisted with the setup process, and overall it was a real pain. Tufin didn't understand App-ID concepts well, reporting properly required a whole lot of reporting packs and modifications to function properly, and a lot of the process just felt really half-baked. Additionally I felt like I was constantly hearing about how it couldn't due something due to licensing which was off putting with how much they were spending for it.
Firemon did a better job out at reports from what I've seen in the past, and it was infinitely easier to get working and reporting properly out of the box.
Now a disclaimer to either product; I personally feel like they make the most amount of sense when working in large teams or when security needs to validate firewall configurations and have a heavy say in the configuration. If you're a smaller environment or only have a couple of people running things, I've never felt like these products are a huge value add.
04-25-2023 12:25 PM
*disclaimer that this information is a couple years old
If you haven't already decided to move forward with Tufin I'd highly suggest that you look at Firemon instead. I've worked with several companies that used Tufin in their deployments and assisted with the setup process, and overall it was a real pain. Tufin didn't understand App-ID concepts well, reporting properly required a whole lot of reporting packs and modifications to function properly, and a lot of the process just felt really half-baked. Additionally I felt like I was constantly hearing about how it couldn't due something due to licensing which was off putting with how much they were spending for it.
Firemon did a better job out at reports from what I've seen in the past, and it was infinitely easier to get working and reporting properly out of the box.
Now a disclaimer to either product; I personally feel like they make the most amount of sense when working in large teams or when security needs to validate firewall configurations and have a heavy say in the configuration. If you're a smaller environment or only have a couple of people running things, I've never felt like these products are a huge value add.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!
The LIVEcommunity thanks you for your participation!
