Tufin has released TOS R24-2, the second version of the Tufin Orchestration Suite of 2024. 
TOS R24-2 is available as GA and can be downloaded from the Tufin Portal (authentication required).
Some improvements of TOS R24-2:

Deployment

  • Upgrade
    The upgrade process has been optimized and is shown in a more transparent way. This increases visibility and helps troubleshooting during upgrades.

Change Monitoring, Automation, and Orchestration

  • SecureChange
    SLA can be set for tickets. Starting with this version, business hours and non-working days can be considered by configuration.
  • SecureChange
    The page showing the tickets has been improved esp. regarding search tickets and manage saved queries. 

  • SecureTrack
    OPM devices are integrated better now. Supported is e.g. automatic mapping of zones to interfaces, matching rules in the Topology Map, etc. So they are also found by SecureChange as possible installation targets.
  • SecureTrack
    The Topology Map now supports both IPv4 and IPv6 routes. So it can be used in mixed environments also.
  • SecureTrack
    The Device Viewer includes the feature "Revision History" for all devices now. This is useful esp. for GCP, Cisco Meraki and OPM devices because they don't have the option for comparing revisions.

Devices and Platforms

  • Azure NSG
    SecureChange Designer now provides suggested changes for access across Azure NSGs and Azure firewall devices. 
  • Azure NSG
    SecureTrack Rule Viewer can interpret the configuration of NSGs, so e.g. "cleanup" as well as "unused objects" can be used.
  • Azure Firewall
    Azure firewalls in a Virtual WAN- Secured Hub deployment when routing is configured in the Azure Hub are supported. So based on the Topology, also USP violations as well as Designer / Verifier are supported. 

  • Cisco
    For Cisco FMC devices generic NAT is supported, so it can be used in Topology.

  • Fortinet
    UserID Automation for FortiManager is supported now, delivering improved visibility for the LDAP groups that are part of the User Groups and FSSO objects. This includes topology support as well as automation tools of SecureChange.
  • Fortinet
    For path analysis FQDN objects or DNS can be used.
  • Fortinet
    The support of enhanced VPN across Fortinet devices is improved (Dial-Up/dynamic VPN). The modelling of SD-WAN is improved.

  • Google
    GCP VPC firewalls can be used in Access Request workflows, they are automatically recognized based on information from the Topology. So also the Verifier can be used for these devices.

  • VMware
    NSX-T is supported by the Rule Viewer, last hit information for NSX-T Distributed firewall rules is available now.
  • VMware
    NSX-T VRFs can be imported as logical routers and be used in Topology.
  • VMware
    IPv6 is now supported for VMware NSX-T in the Interactive Map: Interfaces and Routes. So in SecureChange Designer, Provisioning and Verifier are supported.

 

Further improvements, as well as corrections, are included in R24-2.
The latest version of the Tufin Orchestration Suite can be found at the Tufin Portal: https://portal.tufin.com