Digital transformation and cybersecurity: a Tufin success story

In the modern digital era, companies face a paradox: the desire for greater speed and business flexibility often conflicts with cybersecurity requirements. Traditional methods of managing firewalls and security policies become ineffective, slowing down innovation and increasing risks. In this article, we’ll look at a real-life case study that demonstrates how a global consulting and auditing firm solved these problems by implementing the Tufin Orchestration Suite solution.

Key challenges on the path to digital transformation

The firewall management team, like many other security departments, was in the process of digital transformation. Their goal was ambitious: to consolidate the management and control of security policies across the entire organization to improve overall protection and, at the same time, accelerate the introduction of changes to the network.

Challenge 1: Consolidation and optimization of firewall management

The company, which was already using Tufin SecureTrack to monitor 200 internal firewalls, intended to integrate an additional 600 firewalls from its subsidiary business units. The main risk was that network security is only as strong as its weakest policy. Manually checking and auditing 800 firewalls for duplicate, redundant, or non-compliant policies was an extremely difficult task. According to preliminary forecasts, such an audit would have taken 9 months for several full-time employees, but the team had neither the resources nor the budget for a project of this size and scale. This situation highlighted the need for an automated tool to optimize security policies.

Challenge 2: Accelerating change request processing and ensuring scalability

Annually, the team received over 11,000 requests to make changes to the network. Manually managing these requests created serious problems:

• Significant time and resource costs: Each request required manual processing, which slowed down business processes.
• High probability of errors: Manual configuration increased the risk of errors, which led to rework and downtime.
• Incomplete information in requests: Applicants (developers, application owners) often did not have enough information to fill out requests correctly. The team had to spend time clarifying, which increased the time it took to complete the tasks.

The head of the firewall management service noted: “We need to do our job well and quickly.” To do this, they needed a tool that would help standardize the process, automatically check requests for compliance with requirements, and reduce the likelihood of errors in order to effectively cope with the ever-growing volume of requests.

Why Tufin was the optimal solution

The team lead had previous experience with Tufin and knew of its reputation as a leader in the industry. The company conducted a proof of concept (PoC), which quickly confirmed the key benefits of the solution:

• Multi-vendor management: Tufin demonstrated the ability to manage products from different vendors, which was critical for the firm’s heterogeneous network.
• End-to-end visibility: The solution provides complete transparency of security policies across all firewalls, allowing for quick identification of gaps and risks.
• Automation and compliance: Tufin automatically checks policies for compliance with standards, duplication, and redundancy, which is the basis for effective security policy management.
• API integration: The solution easily integrates with other tools, such as ServiceNow, which allowed the team to maintain their usual workflows but significantly speed them up.

Thanks to the centralized control provided by Tufin SecureTrack and SecureChange, the company gained a single security system for its entire global network. This allowed for more effective perimeter protection and a reduction in the attack surface, which is critical for any organization seeking cybersecurity and resilience.

Measurable results and achievements

The implementation of Tufin brought the company significant and measurable benefits that confirmed the value of the investment.

Optimization and resource savings

• Reduced project time: The consolidation project, which was expected to take 9 months, was completed in just 3.7 months.
• Man-hours saved: Thanks to automation, the team saved over 1,400 man-hours.
• Cost savings: This resulted in savings of over $300,000 USD compared to the forecasted costs.
• Policy cleanup: During the consolidation, thousands of repetitive and outdated rules were eliminated, which significantly increased the efficiency and security of the network.

Increased operational efficiency and security

• Productivity growth: Even in the early stages of implementation, the team recorded a productivity increase of 10%.
• Reduced request processing time: The team predicts that after the full deployment of the Tufin Orchestration Suite, the time to complete requests within the SLA will be reduced from 5 to 2 days, with many simple changes being completed in minutes.
• Elimination of errors: Tufin automatically detects redundant and duplicate rules even before the workflow begins, which eliminates rework and unnecessary risks.

Thanks to Tufin, the firewall management team no longer needs to increase its staff to scale, as automation allows it to cope with the growing volume of requests. It has achieved the ideal balance between speed and security.

Tufin Orchestration Suite – a unique offering in Ukraine

The Tufin Orchestration Suite is an advanced and unique solution that is an integral part of the portfolio of the company NWU, the official distributor of Tufin in Ukraine. This solution is a desirable tool for SOC and IT security teams of any Ukrainian company that seeks to effectively manage risks and ensure the resilience of their business processes in the face of modern cyber threats.

Thanks to the partnership with **NWU**, Ukrainian companies have the unique opportunity to buy Tufin in Ukraine and receive professional support. For additional information and consultations on the functionality of Tufin TOS R24-1, please contact NWU representatives.