The Growing Complexity of Firewalls

Tim Woods


As firewalls remain relevant, where are the new challenges in network security around their use?

The challenges our respondents pointed out

Out of 334 security decision-makers, some of their biggest challenges around their firewall ecosystems involved the following:

Open Ended Up to 1024 Px Wide - chart1.png

Look at No. 1: complexity of firewall rules and policies. That’s driven by a few factors, including the sheer volume of firewalls under management:

Open Ended Up to 1024 Px Wide - chart2.png

1 in 8 respondents are managing over 500 firewalls, and 1 in 4 are managing over 100.

At the same time the number of firewalls under management is increasing, so too are the associated rule bases:

Open Ended Up to 1024 Px Wide - chart3.png

Then bring in the increasing necessity and adoption rate of cloud. Security teams appear not even sure who manages network security in the cloud, as indicated in these responses:

Open Ended Up to 1024 Px Wide - chart4.png

And finally consider all the new models of security our respondents are considering or starting to embrace:

Open Ended Up to 1024 Px Wide - chart5.png

Our CEO, Satin Mirchandani, spoke directly to the increasingly complex landscape when the report was first released:

“Many companies are still trying to manage firewall rules manually, but in this era of next-gen architectures and sophisticated malware, this is no longer an effective way to enforce access policies and mitigate risk.”

“With more than half of survey respondents stating that three or more teams are involved in change management, the high number of change requests alone can drain valuable time, resources and budget from any security program. Factor in new technology adoption, and the stage is set for further policy management problems.”

FireMon helps organizations improve their risk posture. Firewalls are no doubt still relevant — that was the higher-order finding of the 2018 report — but complexity around next-gen architectures, the sheer number of firewalls under management, and the rapid adoption of cloud (We offer automated change processes, security assessment and cleanup, firewall rule cleanup, and automated compliance.

In a time of increasing business competition, companies are always looking for that next advantage. (Logical, right?) But the security side of the equation has gotten increasingly complex, and unfortunately, security needs often lag several levels behind the needs of the business. The 2018 State of the Firewall report is calling that out: firewalls remain important to security professionals, but the complexity and confusion of the landscape threatens to topple that idea. The time is now to bring your security posture up to the level of your business innovation.