On This Page
What's New in R24-1
Since R23-2, TOS features are enforced on tiered licenses according to solution tier. Examples are topology and some SecureChange workflows that are available only in the SecureChange+ tier, and provisioning that is available only in the Enterprise tier - see Solution Tiers. For more information contact your account team.
To filter the results, enter text in one or more of the filter fields.
To see all items, clear the filter fields.
|
Feature |
Description |
Tags |
|---|---|---|
|
Cleanup Enhancements for Azure FW and NSG rules. |
Last hit date is now supported for Azure Firewall and NSG rules. The field appears in the Rule Viewer for these rules and can be queried using TQL. In SecureTrack Reporting Essentials (STRE), users can generate, schedule, and share reports that identify Azure FW or NSG unused rules using the reports: Rule Analytics and Security Best Practice. This enhancement helps identify unused rules to remove unneeded access, improve security posture, reduce the attack surface, and simplify cleanup initiatives in Azure. |
rule viewer, rules, query, tql, azure, last hit, nsg, firewall, securetrack, cloud & platforms |
| Topology Support for GCP |
GCP is now incorporated in the topology map. This release also supports path analysis calculations based on GCP network tag objects. These enhancements reduce MTTR, simplify network troubleshooting, and provide clear, dynamic visibility for the entire hybrid environment. |
topology, gcp, vpc, palo alto, vm series, securetrack, cloud & platforms |
|
Topology Support for Panorama Managed Prisma Access |
Panorama Managed Prisma Access is now included in topology. This means Prisma on the Topology Map and automation is enhanced, allowing access requests to be made in Topology mode assisted by auto-suggest target selection. In addition, USP violations and shadowing are now calculated for Prisma policies. These enhancements improve network topology accuracy, visibility to Prisma remote networks and remote users in topology map automation and analysis, reduce MTTR as well as increase dynamic visibility for the entire hybrid environment and troubleshooting capabilities of Prisma policies specifically. |
panorama, prisma, securetrack, managed, access, cloud & platforms |
|
Addition of GCP and Cisco Meraki Via Proxy Authentication |
Cisco Meraki and GCP projects can be added to SecureTrack via proxy authentication. The proxy acts as an intermediary between TOS and GCP/Cisco Meraki, providing secure connection from TOS to the external platforms while still meeting the corporate security requirements for external connections via a proxy. |
gcp, proxy server, securetrack, cloud & platforms |
|
Support for Cisco Cloud-Delivered FMC |
Tufin offers full feature parity with on-premises Cisco management platforms to ensure a smoother transition to the cloud without compromising on policy management capabilities. You can leverage the scalability and flexibility of cloud-delivered FMC, while still getting the Tufin value for visibility, topology, cleanup, compliance, and automation. |
cisco, cdfmc, fmc, cloud & platforms |
|
Support for Palo Alto Cloud NGFW on Azure |
Palo Alto Device Groups that manage Palo Alto Cloud NGFW on Azure are now supported. This enables policy visibility in the Rule Viewer, comparing revisions, creating reports, and automation / provisioning. You can now understand risk mitigation, cleanup calculations, audit and compliance, policy visibility and automate firewall change requests to Palo Alto Cloud NGFW on Azure. |
palo alto, azure, cloud, ngfw, securetrack, securechange, cloud & platforms |
|
Support for Palo Alto VM series on GCP |
All functionality for Palo Alto is now provided for VM Series firewalls deployed on GCP. |
palo alto vm, firewall, fw, gcp,cloud & platforms |
|
Ticket Search Enhancement |
Ticket search has a brand-new look-and-feel. All search functions on the Ticket page now appear at the top of the page, instead of in a pop-up window. You can easily swap between free search and detailed search and enjoy a smoother user experience. |
tickets, search, securechange, automation |
|
SecureChange Reporting API |
This new API retrieves SecureChange ticket and step events providing new and more granular reporting possibilities. It will enable you to develop custom dashboards and reports of SecureChange ticket statistics, to identify ticket handling bottlenecks, and improve processes and response times. |
api, lifecycle, access request, dashboard, reports, securechange, automation |
|
Automation for ACI-based Panorama DAGs |
Customers using Panorama and ACI integration with DAG-based ACI EPG tags in their Panorama security policies can now securely automate changes with SecureChange workflow tools. This includes Risk Analysis to ensure compliance and help avoid risks, topology map for enhanced network connectivity troubleshooting, and auto-target selection, Verifier, and Designer to accelerate the change process. |
panorama, aci, epg, palo alto, automation |
|
Automation for Panorama UserID from Specific Network |
SecureChange now supports Palo Alto rules and access requests whose source includes both UserID (LDAP Groups) and IP addresses. Automation tools are now available for this type of access request, providing enhanced change automation, saving time and improving accuracy. |
user identity, access request, palo alto, securechange, automation |
|
PCI-DSS 4.0 USP Template |
The PCI-DSS USP template has been updated to meet the latest PCI-DSS 4.0 standard. Available from PGA.0.0. |
PCI, USP, template, security & compliance |
|
Rule Viewer- Rule Selection Enhancements |
In the Rule Viewer, a contiguous group of rules can be quickly selected by using the mouse and keyboard. In addition, the selection limit has been increased from 300 to 5,000 rules for the actions: Export to CSV, Add Related Tickets, and Edit Rule Documentation. This increases flexibility and saves time. |
rule viewer, limit, selection, list, group, shift, securetrack, security & compliance |
|
Rule Viewer – view rules that intersect with a subnet |
The new Rule Viewer TQL operator, 'intersects', locates rules whose source or destination intersects with a given host IP, subnet, or range. This refined query capability enables you to check if a rule's source or destination belongs to a specific subnet and optimize firewall rules. Available from PGA.0.0. |
query, subnet, host, range, intersect, TQL, operator, rule viewer, securetrack, security & compliance |
| Support for Violations of Azure Firewall Rules | Violations are now calculated for Azure firewalls, facilitating compliance of Azure firewall policies with regulatory requirements, continuous compliance, and successful audits. | violation, risk, calculation, azure, firewall, securetrack,security & compliance,cloud & platforms |
|
Customizable Validation for SecureApp Tickets |
A new option to add a custom validation script is available for SecureApp, which allows you to ensure application properties, like object names, USP compliance and others, are correct before a ticket is created. This will prevent invalid tickets from being created and later rejected, therefore application owners will save time, avoid complications, and work more efficiently. |
secureapp, validation, script |
|
Shadowed Rules Active Display |
When shadowing rules are shown in the Rule Viewer for a selected shadowed rule, hovering over rule objects shows tooltips and some items are clickable. This provides an improved user experience and helps users make more informed decisions. |
shadowed rule, rule viewer, securetrack |
|
TOS Cluster Health Alerts |
New default alerts for file system usage and database status have been added. The result is simpler monitoring, aiding mitigation of risks to TOS cluster health before they affect the application. In addition, enhanced validation now prevents creating or changing incorrectly configured alerts. |
cluster health, alerts, notifications, securetrack |
Was this helpful?
Thank you!
We’d love your feedback
We really appreciate your feedback
Send this page to a colleague
