Tufin has released R18-2, the second version of the Tufin Orchestration Suite in 2018. TOS 18-2 is available as GA now, delivering some improvements, e.g.
Cloud
- SecureTrack
Automatically Onboard AWS VPCs
VPCs are automatically detected now, which covers adding or removing them.
Security Policy Change Automation and Orchestration
- SecureChange
Commit Policy Changes. Using this function, policies are pushed from the Management Server to the Firewalls using the Designer. Supported for Check Point, Palo Alto and Fortinet - SecureTrack, SecureChange
The feature Change Windows allows to schedule time slots for committing policies from Management Server to Firewalls, including new report features - SecureChange
Customizable Rule Names for FortiManager allow to define a rule name directly from the SecureChange Designer when changes are implemented. - SecureChange
Change Automation Enhancements for Cisco Firepower allow to implement changes of the security policy automatically.
Devices and Platforms
- SecureTrack
Inline Layer Support for Check Point R80.10 - SecureTrack
Migrate or Delete Multiple Devices for some Cisco and Check Point Devices using “Device Bulk Tasks” - Support of new devices
- VMware NSX 6.4.0
- Cisco ASA 9.8
- Fortinet FortiManager 5.6.3
- Fortinet FortiGate 5.4.7 and 5.6.3
- Forcepoint SMC 6.4
- Palo Alto Panorama 8.1
REST API
- Improvements for SecureTrack/SecureChange/SecureApp
Upgrades of REST API Stanadard (JAX_RS) from 1.1 to 2.1, compliant with Java EE8 Apache CXF (which implements JAX_RS 2.1) upgraded from 2.6.16 to 3.2.1 - Improvements for SecureTrack
- Unified Returned JSON Array Format for these APIs:
Get devices, Get device by Id, Add offline device, Update offline device, Get rules by device, Get specific rule, Rule Search APIs - Generic Devices APIs:
Fully manage adding, deleting, or modifying generic devices to the Interactive Map via the REST APIs. New argument “update_topology”. - Sync Topology APIs
Synchronization of Interactive Map by “Fast Topology Sync” or “Full Topology Snyc” - Generic VPN connections API
Retrieval of a list of generic VON in the Topology Map - Check Point Inline Layer Support
Parameter “include_subpolicy” allows support of this mode - Additional Data Returned for Check Point Devices
API responses for “get devices”, “installed_policy” and “parent_id" - Filtering Service Group Members
Optional parameter “show_members” with more information - Support for Pagination in USP Exceptions
Better management of a large number of USP Exceptions - Retrieve Domains from SecureTrack
New “Synchronize Domains” API retrieves all domains from SecureTrack, also synchronizing SecureChange Domains
- Unified Returned JSON Array Format for these APIs:
Further improvements as well as corrections are included.
The latest version of the Tufin Orchestration Suite can be found at the Tufin Portal: https://portal.tufin.com