Organizations still struggle with basic firewall management
Firewalls remain an important element of security architecture, but many organizations are still struggling with the basics, according to a new study.
Security policy management company FireMon has released its 2018 State of the Firewall report which reveals that 94 percent of respondents believe firewalls are as or more critical than ever.
Yet despite this, companies are still struggling with basic firewall management, with rule complexity (30 percent), policy compliance and audit readiness (17 percent), and firewall rule optimization (14 percent) emerging as major pain points.
The report identifies two contributing factors to firewall management challenges, the first being the number of firewalls that security and IT teams are trying to manage. More than a quarter (26 percent) of companies have 100 or more firewalls on their network, while 33 percent have between 10 and 99.
The second factor is the number of change requests processed each week. 16 percent of companies process more than 100 change requests each week, while 40 percent deal with between 10 and 99 requests.
"Many companies are still trying to manage firewall rules manually, but in this era of next-gen architectures and sophisticated malware, this is no longer an effective way to enforce access policies and mitigate risk," says FireMon CEO Satin Mirchandani. "With more than half of survey respondents stating that three or more teams are involved in change management, the high number of change requests alone can drain valuable time, resources and budget from any security program. Factor in new technology adoption, and the stage is set for further policy management problems."
Although firewalls are still seen as important, their continuing role remains unclear in next-gen architectures. 53 percent of companies have either partially or fully adopted a public and/or hybrid cloud model, yet only 35 percent believe firewalls provide 'high value' for the cloud services they manage.
Respondents say they are also considering implementing next-gen security architectures. These include virtualization (54 percent), software-defined networks (41 percent), microsegmentation (29 percent), containerization (28 percent) and zero trust (23 percent). 27 percent of respondents believe enterprise firewalls will become obsolete with these next-gen architectures, while 26 percent aren't sure. The remaining 47 percent don’t think firewalls will become obsolete in the wake of these new technologies.
The full report is available to download from the FireMon site.