The Rule Lifecycle Management App (RLM) is a Tufin Marketplace application that simplifies and manages the rule review and certification process. With this app, you automatically identify expiring or expired rules and map them to their owner(s), enabling simple recertification or decertification of the rule. The process results in appropriate tickets opened in Tufin's SecureChange product where the policy and metadata changes are implemented, effectively eliminating many of the manual steps normally required for orchestrating what is often a manual and complex process.

The RLM enables you to:

  • Configure a rule review process based on a generic model
  • Identify inactive owners for rule reassignment
  • Orchestrate rule review across owners
  • Automate rule certification, changes when needed, and disablement when appropriate
  • Maintain a consistent audit trail

The RLM is a subscription application which can be used without restrictions for 30 days by existing Tufin SecureChange customers.


Important notice: if you are upgrading to TOS Aurora 21-3, you must download and reinstall this app.

Version v2.0.6
Compatibility R20-2 or above
  • Fixed object IP validation
Version v2.0.5
Compatibility R20-2 or above
  • Fixed license calculation for CheckPoint modules that appear twice in ST
Version v2.0.4
Compatibility R20-2 or above
  • Find expired rules with action Trust (FMC devices)
  • Fixed case sensitive issue when finding owner permissions
  • Fixed login issue in TOS R22.1
Version v2.0.3
Compatibility R20-2 or above
  • Fixed device count for CheckPoint devices
Version v2.0.2
Compatibility R20-2 or above
  • Fixed license device count
Version v2.0.1
Compatibility R20-2 or above
  • Fixed rule ownership if the source or destination object is ANY
Version v2.0.0
Compatibility R20-2 or above
  • Owner assets superset rules networks to find expiry rules
  • Owners can mark rules and send a request to administrative owners
  • Add filter options to the rules search bar
  • Expiration rules can be filtered by networks and devices
  • SecureTrack objects can be selected as owner asset
  • Owner assets can be imported through a new REST API
  • Group permissions will be assigned to the owner
Version v1.0.4
Compatibility R20-2 or above
  • Fix SecureChange users retrieval if the name field is missing
Version v1.0.3
Compatibility R20-2 or above
  • Support TOS version 21-2
Version v1.0.1
Compatibility R20-2 or above
  • Fix ldap users when the owner name in the group is not a SecureChange username.
  • Enhance the sync info page.
  • Fix save settings if SMTP passowrd is already set.
  • You can now search the dropdown list on the settings page.
Version v1.0.0
Compatibility R20-2 or above
  • Find expiring or expired rules
  • Assign rules to owners based on networks
  • Enabling owners to easily recertify or decertify their rules
  • Uses Rule Decommission workflow to disable rules that have been decertified.
  • Uses Rule Modification workflow when multiple Rule Owners disagree about the certification decision.
  • Send out email notifications that alert Rule Owners about rules that require their attention
Write Review

Be the first to review this app