Tufin has released R18-2, the second version of the Tufin Orchestration Suite in 2018. TOS 18-2 is available as GA now, delivering some improvements, e.g.

Cloud

  • SecureTrack
    Automatically Onboard AWS VPCs
    VPCs are automatically detected now, which covers adding or removing them.

Security Policy Change Automation and Orchestration

  • SecureChange
    Commit Policy Changes. Using this function, policies are pushed from the Management Server to the Firewalls using the Designer. Supported for Check Point, Palo Alto and Fortinet
  • SecureTrack, SecureChange
    The feature Change Windows allows to schedule time slots for committing policies from Management Server to Firewalls, including new report features
  • SecureChange
    Customizable Rule Names for FortiManager allow to define a rule name directly from the SecureChange Designer when changes are implemented.
  • SecureChange
    Change Automation Enhancements for Cisco Firepower allow to implement changes of the security policy automatically.

Devices and Platforms

  • SecureTrack
    Inline Layer Support for Check Point R80.10
  • SecureTrack
    Migrate or Delete Multiple Devices for some Cisco and Check Point Devices using “Device Bulk Tasks”
  • Support of new devices
    • VMware NSX 6.4.0
    • Cisco ASA 9.8
    • Fortinet FortiManager 5.6.3
    • Fortinet FortiGate 5.4.7 and 5.6.3
    • Forcepoint SMC 6.4
    • Palo Alto Panorama 8.1

REST API

  • Improvements for SecureTrack/SecureChange/SecureApp
    Upgrades of REST API Stanadard (JAX_RS) from 1.1 to 2.1, compliant with Java EE8 Apache CXF (which implements JAX_RS 2.1) upgraded from 2.6.16 to 3.2.1
  • Improvements for SecureTrack
    • Unified Returned JSON Array Format for these APIs:
      Get devices, Get device by Id, Add offline device, Update offline device, Get rules by device, Get specific rule, Rule Search APIs
    • Generic Devices APIs:
      Fully manage adding, deleting, or modifying generic devices to the Interactive Map via the REST APIs. New argument “update_topology”.
    • Sync Topology APIs
      Synchronization of Interactive Map by “Fast Topology Sync” or “Full Topology Snyc”
    • Generic VPN connections API
      Retrieval of a list of generic VON in the Topology Map
    • Check Point Inline Layer Support
      Parameter “include_subpolicy” allows support of this mode
    • Additional Data Returned for Check Point Devices
      API responses for “get devices”, “installed_policy” and “parent_id"
    • Filtering Service Group Members
      Optional parameter “show_members” with more information
    • Support for Pagination in USP Exceptions
      Better management of a large number of USP Exceptions
    • Retrieve Domains from SecureTrack
      New “Synchronize Domains” API retrieves all domains from SecureTrack, also synchronizing SecureChange Domains

Further improvements as well as corrections are included.
The latest version of the Tufin Orchestration Suite can be found at the Tufin Portal: https://portal.tufin.com