• slide
  • slide
  • slide


Tufin Technologies provides network security policy management solutions that enable public sector organizations to achieve business agility while integrating security throughout their ongoing network management and Cloud Smart Strategy. Over 2,000 organizations use Tufin products to successfully manage highly complex hybrid networks through a single pane of glass solution since 2005.

Tufin products consolidate the management of network security devices and platforms and provide vendor-agnostic policy management capabilities. Aggregation and data enrichment of policies across firewalls, NGFWs, switches and routers, private and public cloud, provide visibility over existing access policies that are unused, risky, or redundant. Visualized network topology provides insight into how your network connects, and path analysis shows where access is broken to expedite troubleshooting.

Tufin provides the ability to operationalize your security policy in an integrated zone-to-zone-based network connectivity matrix to identify violations and calculate if new access changes are compliant, which Is necessary to determine of connectivity is permissible to contractors. Configurable workflows enable new access design and automate configurations across the entire network but can also be used to remove access. Cloud Smart Strategy is enabled through cloud adoption workflows such as server policy cloning and server decommissioning to ensure connectivity during cloud migrations while retaining a minimized attack surface. All changes in Tufin Orchestration Suite are automatically tracked and readily reportable to ensure audit preparedness.


  • SecureTrack

    SecureTrack provides visibility across the network and helps organizations define a unified security policy and maintain compliance. SecureTrack is utilized to:

    • Identify unused, risky, or redundant policies for removal
    • Visualize network topology across the SDN, physical network, and public cloud
    • Establish network zones and define the access policies through which they can connect
    • Identify violations to security policy
    • Designate violations as exceptions and track for recertification or removal
    • Monitor the state of compliance to security
    • Generate compliance-based reporting
    • Troubleshoot network connectivity

  • SecureChange

    SecureChange provides customers with the ability to automate changes across the network while maintaining compliance with policy and security standards. SecureChange is utilized to:

    • Establish consistent workflows for access change management across the network
    • Segregate duties based on role (e.g. networking, security, compliance)
    • Automate the rejection of access requests for access that is already available
    • Calculate if the access request violates security policy
    • Automate the design of network changes based on topology
    • Provision the changes across all the different vendors’ devices in the network, SDN, and cloud
    • Align change configurations to change windows or push emergency changes

  • SecureApp

    Integrate into the application development and deployment lifecycleSecureApp provides application connectivity management and streamlines communication between application developers and network engineers. SecureApp is utilized to:

    • Identify and track the connectivity requirements of an application
    • Determine application dependencies
    • Alert for application outages and automate connectivity restoration
    • Determine the compliance of application connectivity
    • Track changes to application connectivity



GSA Schedule 70

Dec 20, 2011- Dec 19, 2021


Mar 03, 2015- Aug 10, 2020
*Additional Option Years Available


Massachusetts Higher Education Consortium (MHEC)

Aug 10, 2019- Jun 30, 2022