Reluctance to automate leads to problems for enterprise network firewalls
Enterprises are slow to abandon manual processes, despite being short of staff, and a lack of automation, increasing network complexity and limited visibility are contributing to costly misconfigurations and increased risk.
This is among the findings of the 2019 State of the Firewall Report released today by security automation specialist FireMon, the report is based on responsed from almost 600 people.
The report reveals that cloud adoption is up significantly -- 72 percent of respondents are managing some form of hybrid cloud environment today, compared to the 53 percent in the 2018 report.
However, processes to manage these networks are not keeping pace, 65 percent of respondents are still not using any form of automation to manage their security policies. 38 percent of C-level respondents say that change management processes are ad hoc, such as using email to send requests to firewall admins and spreadsheets to track network changes. Only 23 percent have real-time visibility into network security risks and compliance, and 35 percent of respondents only found out about a misconfigured firewall causing issues through urgent phone calls, emails and texts.
"Businesses are trying to save money by going into the cloud, and we see many companies, adopting digital strategies or they're going into their cloud first journey," says Tim Woods, VP of technology alliances at FireMon. "They're starting to take advantage of what the cloud offers. But as we're seeing the business accelerate we're also seeing as a result that some of those tool sets that they traditionally used on prem don't necessarily translate when they went to cloud. But a lot of the C-levels that we're talking to are saying, 'Hey, I need to quantify the return on the security investment that I'm getting today from the tools that I already own before I go and throw more money at it'."
The report finds that the number of firewalls is increasing too. Almost a third have 100 or more firewalls in their environment and each with a growing set of rules to manage. Additionally, 34 percent have a real-time visibility of 50 percent or less into their network security risks and compliance, which creates a lack of visibility across systems and leads to gaps in enforcement.
The full report is available from the FireMon site.