A Tufin Technologies study found that the lack of automation in firewall management is resulting in improper firewall rule configuration and cheating on audits.
Organizations are struggling to keep track of changes in their
networks and to effectively manage their firewall policies, according
to a new study.
Nearly 85 percent of network administrators in the 2011 Firewall
Management report said half of their firewall rule changes need to be
fixed because they were configured incorrectly, Tufin Technologies
found in its report released Nov. 16.
Very few organizations have automated their audit process, with 7
percent of the respondents claiming they have an automated system and
40 percent claiming to spend a month or longer each year performing
firewall audits, the report found.
More than 20 percent of the survey participants said they knew of
someone who cheated on a firewall audit, for such reasons as not having
enough time, irrelevant parameters and worries that the results would
make the network security team look bad, the report found. About 23
percent of the organizations in the survey claimed to never have
performed a firewall audit at all. About 11 percent claimed to have no
idea how much time it takes to perform an audit, according to Tufin.
"This year's survey reveals that, more than budget constraints or any
other factor, time is the security manager's most precious resource,"
said Shaul Efraim, vice president of marketing and business development
at Tufin Technologies.
About 30 percent of the administrators said changing a firewall rule
can take their team anywhere from several hours to several days on average.
About two-thirds of the organizations claimed to be vulnerable to
breaches because their change management processes are not formalized
and are manual, requiring too many steps and people to complete.
"If that is not business justification for automating fundamental,
but time consuming, error prone, network security processes, then what
is?" said Efraim.
Nearly half of the respondents said they identify duplicate or
redundant firewall rules manually, and a fifth said they don't have a
process in place to find them. About 43 percent of the survey
respondents said they manage firewall rules manually. Even more
worrying, 41 percent of the administrators in the survey said they
don't have a way to determine when a firewall needs to be retired or
It was surprising that many of the administrators were still
performing basic tasks, such as tightening up rules, looking for
duplicate rules and updating outdated rules, manually, according to
"There is no benefit to having experienced administrators spend their days searching for needles in haystacks," he said.
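The "needle in a haystack" work described above (finding duplicate, redundant and shadowed rules, and spotting rules with no traffic that are candidates for retirement) is mechanical once the policy is expressed as ordered match tuples. The following script is an added example, not code from Tufin or from the survey; it assumes a simplified first-match rule model (action, protocol, source CIDR, destination CIDR, destination port range) and a per-rule hit counter exported by the firewall, and it runs on a small constructed rule set rather than a real policy.

```python
"""Find duplicate, redundant, shadowed and stale rules in an ordered, first-match firewall policy.

Added example with a deliberately simplified rule model (no negation, address groups,
ICMP types or zones). The hit counter is assumed to come from the firewall's rule statistics.
"""
from dataclasses import dataclass
from ipaddress import ip_network


@dataclass(frozen=True)
class Rule:
    name: str
    action: str          # "allow" or "deny"
    proto: str           # "tcp", "udp" or "any"
    src: str             # source CIDR
    dst: str             # destination CIDR
    dport: tuple         # (low, high) inclusive destination port range
    hits: int = 0        # assumed: packets matched since the counter was last reset


def covers(outer: Rule, inner: Rule) -> bool:
    """True if every packet that matches `inner` would also match `outer`."""
    proto_ok = outer.proto == "any" or outer.proto == inner.proto
    src_ok = ip_network(inner.src, strict=False).subnet_of(ip_network(outer.src, strict=False))
    dst_ok = ip_network(inner.dst, strict=False).subnet_of(ip_network(outer.dst, strict=False))
    port_ok = outer.dport[0] <= inner.dport[0] and inner.dport[1] <= outer.dport[1]
    return proto_ok and src_ok and dst_ok and port_ok


def analyze(rules, stale_threshold=0):
    """Return (kind, rule, reference) findings for an ordered first-match policy.

    duplicate: identical match fields and action as an earlier rule
    redundant: fully covered by an earlier rule with the same action (never evaluated)
    shadowed:  fully covered by an earlier rule with the opposite action (intent conflict)
    stale:     reachable but with hits <= stale_threshold (retirement candidate)
    """
    findings = []
    flagged = set()
    for i, later in enumerate(rules):
        for earlier in rules[:i]:
            if not covers(earlier, later):
                continue
            if earlier.action == later.action:
                kind = "duplicate" if covers(later, earlier) else "redundant"
            else:
                kind = "shadowed"
            findings.append((kind, later.name, earlier.name))
            flagged.add(later.name)
            break  # the first covering rule is the one that actually absorbs the traffic
    for rule in rules:
        if rule.name not in flagged and rule.hits <= stale_threshold:
            findings.append(("stale", rule.name, None))
    return findings


# Constructed sample policy; comments state what the analysis should report.
RULES = [
    Rule("r1", "allow", "tcp", "10.0.0.0/8", "192.168.1.10/32", (443, 443), hits=12000),
    Rule("r2", "allow", "tcp", "10.1.0.0/16", "192.168.1.10/32", (443, 443), hits=0),   # redundant: r1
    Rule("r3", "deny", "any", "10.9.0.0/16", "0.0.0.0/0", (0, 65535), hits=300),        # quarantined subnet
    Rule("r4", "allow", "udp", "10.9.5.0/24", "192.168.1.53/32", (53, 53), hits=0),     # shadowed by r3
    Rule("r5", "allow", "tcp", "10.0.0.0/8", "192.168.1.10/32", (443, 443), hits=0),    # duplicate of r1
    Rule("r6", "allow", "tcp", "172.16.0.0/12", "192.168.2.0/24", (22, 22), hits=0),    # stale: no hits
    Rule("r7", "deny", "any", "0.0.0.0/0", "0.0.0.0/0", (0, 65535), hits=5000),         # default deny
]

if __name__ == "__main__":
    for kind, rule, ref in analyze(RULES):
        print(f"{kind:9s} {rule}" + (f" (covered by {ref})" if ref else ""))
```

A shadowed `allow` under a `deny` is usually harmless; the reverse (a `deny` shadowed by an earlier broad `allow`) is the finding that matters for an audit, and the same `covers` check reports it. Stale detection only means anything if the hit counters were reset at a known point, so record that date alongside the export.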
The lack of automation makes auditing network security systems a
challenge, especially as organizations use more firewalls in
virtualized environments and adopt next-generation firewalls, according
In a separate Ponemon Institute study released Nov. 14, researchers
found that about 64 percent of surveyed organizations were using
next-generation firewalls to supplement existing security deployments.
The combination of next-generation firewalls and existing security
tools creates a more complex network for IT departments to manage,
according to the Ponemon Institute.
Another study released by TheInfoPro on Nov. 17 found that 37
percent of information security professionals said their organizations
plan to increase security spending in 2012. In the study,
application-aware firewalls were one of the more popular technologies
named by respondents.