SecureTrack 4.3 from Tufin Technologies

Tufin has traditionally focused on firewall configuration, auditing and management, but with this latest version of its SecureTrack software, it now pushes this expertise into network device management as well. This new feature only currently supports Cisco routers and switches, but considering these products hold sway over the majority of business networks, it looks an excellent place for Tufin to start its expansion plans. Tufin also recognises the need to prove compliance with data protection regulations and includes automated PCI DSS (Payment Card Industry Data Security Standard) reporting facilities.

We noted in previous reviews that Tufin had limited support for Juniper security appliances and this has now been remedied as all SSG security devices are on the guest list, allowing SecureTrack to detect configuration changes in real time and report on the users that made them. Previously, changes to Juniper devices were only picked up after they had been polled, but SecureTrack now uses syslog, allowing it to identify changes in realtime. There's more on the agenda, as SecureTrack's abilities to find rule shadowing or overlap within firewall policies has been improved. Earlier versions could only notify security staff that these events had been identified, but this version can now show precisely which rules are causing the shadowing within its analysis reports. SecureTrack's well designed central console offers wizard-based assistance for adding monitored devices where you provide their IP addresses, select data collection options, and provide administrative access credentials.

All monitored devices appear in a tidy tree structure in the left pane and are accompanied by colour coded status icons, along with alerts for the number of policy revisions that have occurred in the specified time frame. The window alongside shows all policy changes for the selected device and SecureTrack reveals when the changes were made, who applied them, the computer name running the client, and the type of policy package. The individual policy details are shown in the window below and we liked the fact that the rules are shown in the same style and employ the same icons, as those used by each vendor's own management interface. Selecting multiple policies for a device allows you to compare them where all new rules and changes are clearly highlighted.

For Cisco routers and switches, the window shows the IOS console for each checked policy, with changes highlighted for easy identification. SecureTrack's analysis tool allows you to query any number of rule bases for specific information. Queries are easily customised as you can select specific devices and policy packages, enter source, destination and service objects, and look for, allow, or deny, actions. The Audit feature allows you to build queries that analyse policies on selected devices to ensure they comply with company security practises and plenty of predefined risks are included.

Real-time alerting is provided under the Compliance tab which employs SNMP trap priorities and rule matches and can look for particular rule changes that violate company security policies. Alerts can be associated with devices, but can also be linked to selected administrators, allowing SecureTrack to monitor the actions of specific personnel. The new PCI-DSS feature is found here and this generates detailed compliancy reports and produces them in a format acceptable to qualified auditors. Businesses are now faced with a raft of government regulations and best practice guidelines on data protection, so it pays to ensure that firewalls are correctly configured and strictly managed. SecureTrack delivers an excellent range of real time policy analysis and monitoring tools, gathered together in a very intuitive central console, and the additional support for Cisco switches and routers makes it even more versatile. NC

Product:

SecureTrack 4.3 Supplier: Tufin Technologies
Tel: 07802 304 500
Web site: www.tufin.com
Price: From £5,000 excluding VAT