On This Page
Solution Tiers
Overview
Tufin Orchestration Suite has three solution tiers, which can be purchased on a subscription basis:
-
SecureTrack+: Offers security policy management, vulnerability prioritization and mitigation, compliance monitoring and reporting, policy optimization and cleanup automation, policy control for cloud-native applications, and distributed architecture.
-
SecureChange+: Offers everything included in SecureTrack+, as well as network access change request automation, rule lifecycle management, vulnerability-based change automation, and topology mapping.
-
Enterprise: Offers everything included in SecureTrack+ and SecureChange+, as well as change implementation (provisioning), application-based connectivity management, best in class high availability, and premium 24x7 follow-the-sun support.
Capabilities are grouped by use-case and pricing is determined according to the size of your environment. Each tier has a fixed price for each firewall unit or cloud virtual machine.
A single tier will apply to both production and lab environments and you can change to a higher tier any time. For assistance, contact [email protected].
Capabilities for Each Tier
The full capabilities of each tier are listed in the following table.
| SecureTrack+ | SecureChange+ | Enterprise | |
|---|---|---|---|
| Compliance, Monitoring and Reporting | X | X | X |
|
Security policy management: Zone-based Unified Security Policy (USP) Security Policy Builder (SPB) IPAM-based zone definition with continuous synching (ISPA) |
X | X | X |
|
Policy Optimization and Cleanup Automation: Rule and Object Cleanup Reporting Server Policy Cloning Workflow Decommission Network Object Workflow Rule Decommissioning Workflow |
X | X | X |
| Vulnerability Prioritization and Mitigation (VMA) | X | X | X |
|
Up to 5,000 routers and switches included |
X |
X |
X |
| Distributed Architecture, including remote collectors and worker nodes | X | X | X |
|
Rule Lifecycle and Ownership: Rule and Group Modification Workflows Rule Recertification Workflow Rule Lifecycle Management (RLM) |
X | X | |
| Vulnerability-based Change Automation (VCA) | X | X | |
| Access Request Workflow | X | X | |
|
Topology Mapping: Visibility only (requires add-on) |
X |
|
|
| Topology Mapping: Visibility, Target Selection, “What If” Path Analysis | X | X | |
| Change Implementation (Provisioning) | X | ||
| SecureApp: Application-based Connectivity Management, up to 500 apps. | X | ||
| High Availability redundant multi-node cluster with automatic failover | X | ||
|
Disaster Recovery redundant deployment on a remote site |
|
|
X |
| Support | Standard | Standard | Premium 24/7 |
Was this helpful?
Thank you!
We’d love your feedback
We really appreciate your feedback
Send this page to a colleague