SASE, MSP, MSSP, Cloud Security, Network Security

Tufin’s R25-2 Brings Unified Policy and Compliance Management to Hybrid and SASE Networks

modernize cybersecurity SASE

Enterprises today run a mix of data centers, cloud platforms, and SASE environments. While this setup offers flexibility, it also adds complexity that makes it difficult for security and network teams to keep policies and compliance aligned. Tufin’s new release, the Orchestration Suite (TOS) R25-2, addresses this by expanding its unified control plane to centralize policy management, automation, and compliance across all hybrid environments.

Ruth Gomel Kafri, VP of Product Management at Tufin, told ChannelE2E that the R25-2 update builds on Tufin’s goal of simplifying network security in complex, multi-vendor environments.

“With R25-2, we’ve expanded our unified control plane to give customers a single, consistent way to manage security policy across their on-premise, cloud, and SASE environments,” she said. “Most organizations today are juggling multiple vendors, consoles, and associated rule sets, which naturally creates unnecessary complexity that can lead to risk and security policy compliance drifts. Our goal is to help customers simplify things by bringing all of those layers together under one management platform.”

Addressing Network Complexity with Unified Control

Fragmented tools often cause policy drift and operational blind spots. When teams manage firewalls, cloud systems, and SASE solutions separately, it creates inconsistencies and slows response times. With R25-2, Tufin expands its unified control plane to give teams a single way to view connectivity, assess risk, and enforce compliance across the entire network.

Kafri noted that the dynamic nature of enterprise networks demands more granular control than ever before. “The combination of today’s sophisticated threats with the increasingly dynamic nature of the enterprise network means that granular policies need to be applied in order to protect an organization,” she said. “To do this successfully, more precise access controls are needed, such as those that allow specific URL categories, applications, users, and more. With this release, we’ve refined our support for Palo Alto and Cisco policies, helping to make both troubleshooting and access automation faster and more exact.”

Strengthening Accuracy and Cloud Compliance

Accurate visibility into how traffic flows across diverse environments is essential to maintaining strong security posture. R25-2 enhances topology accuracy through deeper integration with vendors like Palo Alto Networks and Cisco, giving teams a clearer view of how rules and routes behave in real time.

On the cloud front, Tufin’s new automation and provisioning capabilities simplify compliance management in dynamic environments. “R25-2 provides customers with the ability to apply new access automatically to Microsoft Azure Network Security Groups (NSGs), which enhances the access granularity and accuracy in the cloud,” Kafri explained. “We also provide compliance control for AWS, Microsoft Azure, GCP, and Zscaler Internet Access (ZIA), supporting our highly regulated customers in their transformation to the cloud.”

Kafri added that this integrated approach allows customers to manage risk holistically: “Customers who deployed ZIA Cloud Firewall as their network security control for the cloud can also now apply automated risk validation and change design, aligning all their network security access change processes inside the Tufin unified control plane.”

The end result, she said, is what modern security posture management should look like—one platform where security and network teams can “see more, automate more, and reduce risk across their ever-expanding networks.”

Equipping MSPs, MSSPs with Automation and AI

For MSPs and MSSPs managing dozens of client environments often means dealing with different vendors, configurations, and compliance frameworks. Kafri explained that R25-2 was designed to ease that burden. “Managing security policy for multiple clients often means that MSSPs have to deal with dozens of environments, multiple vendors, and a variety of different compliance requirements,” she said. “R25-2 simplifies that complexity with centralized visibility, policy automation, and continuous compliance, all from our unified control plane.”

Automation ensures consistent and compliant policy changes across all client networks—whether on-prem, in the cloud, or within SASE deployments. Continuous compliance tools help MSSPs detect and remediate violations automatically, staying ahead of potential audit findings and risk exposures.

Kafri also highlighted how Tufin’s new AI-driven capabilities are reshaping policy management. “Network security is complex and demands deep expertise,” she said. “With Tufin’s AI assistants for IT, SOC, and network security teams - and our new TufinAI Assistant for Rule Search - we’re transforming how teams access, understand, and act on network policy data.”

The new TufinAI Assistant allows teams to query complex policy sets in plain language, reducing dependency on scripting or senior expertise. “Network security engineers can now find, interpret, and analyze specific rules instantly using natural language queries,” Kafri said. “The result is faster analysis, greater team autonomy, and smarter collaboration across network, security, and compliance teams.”

For MSPs, these capabilities translate into faster client onboarding, automated enforcement of standards, and less operational overhead.

“We aim to help them deliver stronger security outcomes for their customers, at scale, while helping to reduce the operational overhead that’s typically involved in managing complex, multi-client tools and environments,” Kafri added.

The Tufin R25-2 release shows how network and security management are evolving with hybrid environments. By expanding its unified control plane and adding AI-driven policy insights, Tufin gives enterprise teams and MSSPs a simpler way to manage policies, reduce risk, and stay compliant without juggling multiple tools. As more organizations adopt hybrid and SASE models, Tufin’s approach stands out for helping them streamline operations while keeping full control over security.

An In-Depth Guide to Cloud Security

Get essential knowledge and practical strategies to fortify your cloud security.
Suparna Chawla Bhasin

Suparna is the Senior Managing Editor for CyberRisk Alliance’s Channel Brands, including MSSP Alert and ChannelE2E. She manages content development, sharpens editorial workflows, and ensures storytelling is tightly aligned with audience needs. With a background in technology, media, and education, she combines strategic insight with creative execution.

You can skip this ad in 5 seconds