Managing Devices in TOS Aurora

This topic is intended for Network Security Engineers who are responsible for troubleshooting network connectivity, adding devices, and auditing compliance.

Overview

Adding a physical or virtual firewall device to TOS Aurora adds the device to the list of Monitored Devices and gives you visibility into the device policy and revisions. Only SecureTrack Administrators can add and manage devices. If you configured your system for multi-domain management, devices can be added by Multi-Domain Administrators in a selected domain, or Super Administrators in a selected domain, or when All Domains is selected.

Devices are added by default to the Central Cluster. If you are running a distributed deployment, you can choose whether to attach the devices to the Central Cluster or to a Remote Collector. Later, you can choose whether to migrate the device (or the device group) to a different cluster.

Devices and Licensing

SecureTrack automatically attaches new devices to an available license component (SKU) - the one with the longest duration. If there is an available perpetual license, SecureTrack will attach the device to that license. If not, SecureTrack will choose the subscription license with the latest expiration date. If there is no available license, the device will be considered Plug and Play, and you will have 30 days to contact Tufin and purchase a license for your device. When disabling devices, the attached SKUs become available and you can use them with other devices.

Devices Installation

You can install devices from these manufacturers using a simple wizard. The wizard will prompt you for required device information such as the device type, IP address, user name, and password. The required information is different for each device type.

All devices need to use TLS 1.2. SecureTrack will not retrieve revisions from devices that use TLS 1.0 or 1.1.
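Before adding a device, you can confirm that its management interface completes a handshake pinned to TLS 1.2. The following script is an added example, not part of TOS Aurora or Tufin's tooling. It assumes the management interface listens on port 443, and the function names and command-line usage are illustrative.

```python
import socket
import ssl
import sys
from typing import List, NamedTuple


class ProbeResult(NamedTuple):
    host: str
    tls12_ok: bool
    detail: str  # negotiated version and cipher, or the error text


def tls12_only_context() -> ssl.SSLContext:
    """Client context that can negotiate TLS 1.2 and nothing else."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.maximum_version = ssl.TLSVersion.TLSv1_2
    # Management interfaces often present self-signed certificates. This probe
    # only inspects the protocol version and sends no credentials, so the
    # certificate is deliberately not validated here.
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def probe_tls12(host: str, port: int = 443, timeout: float = 5.0) -> ProbeResult:
    """Attempt a TLS 1.2-only handshake; port 443 is an assumed default."""
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with tls12_only_context().wrap_socket(raw, server_hostname=host) as tls:
                detail = f"{tls.version()} {tls.cipher()[0]}"
                return ProbeResult(host, tls.version() == "TLSv1.2", detail)
    except OSError as exc:  # covers refused, timeout and ssl.SSLError
        return ProbeResult(host, False, f"{type(exc).__name__}: {exc}")


def not_ready(results: List[ProbeResult]) -> List[str]:
    """Hosts that did not complete a TLS 1.2 handshake."""
    return [r.host for r in results if not r.tls12_ok]


if __name__ == "__main__":
    # Usage (hypothetical host names): python tls12_check.py fw1.example fw2.example
    results = [probe_tls12(h) for h in sys.argv[1:]]
    for r in results:
        print(f"{r.host}: {'OK' if r.tls12_ok else 'FAIL'} ({r.detail})")
    sys.exit(1 if not_ready(results) else 0)
```

A FAIL result also covers unreachable hosts and non-TLS ports, so read the detail column before concluding that the device only supports TLS 1.0 or 1.1.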

You can only add, edit, or delete TOS Aurora entities (such as devices, users, and rules) using the TOS Aurora user interface or API commands. Using any other method may cause data corruption that will necessitate a restore of your data.

For a list of supported devices, see Supported Devices and Platforms.