Forrester Research expects the market for tools to help enterprises manage and audit their firewall policies to jump 25 percent this year due to the requirements of PCI-DSS. Third-party vendors are competing to take advantage of interest in the space by attempting to surpass the capabilities offered by companies such as Cisco and Juniper Networks.
Forrester Research expects the market for firewall auditing tools to
jump 25 percent this year on the back of compliance regulations. Right now the market is relatively small,
standing at about $30 million today, Forrester analyst John Kindervag
said. But the requirements of the Payment Card Industry Data Security
Standard are forcing enterprises to pay closer attention to managing
their firewall rules, he added.
"It says at least twice you have to audit all your firewall rules, and
for a large organization that can be pretty darn challenging," he
explained. "I think that that's where the growth in this space is
It is not unheard of in enterprise environments for network
administrators to be dealing with thousands of firewalls, and making
sure the rules governing them do not contradict or negate one another
can be a long and involved process. So much so that a survey of IT pros by
Tufin Technologies - which specializes in firewall auditing tools -
found that many had cheated on their firewall security audits. In response, companies such as Tufin, Exaprotect, Secure Passage and
AlgoSec are trying to carve out a niche in the space by picking up
where management tools from major firewall vendors leave off. "Firewall
vendors are in a position to improve management of their systems,
however, we see it as unlikely that they will ever replace the need for
third-party firewall management solutions," said Jody Brazil, CTOof
Secure Passage. "A key limiting factor for the firewall vendors
solving this problem is the need to provide multivendor
solutions. Another significant issue for the firewall
vendors is that they must remain flexible to meet all the needs of
their customers. What may be seen as a compliance issue at one
customer is not a requirement for another customer." It's likely that
as consumer demand for the capabilities increases, companies such as
Cisco, Check Point Software Technologies and Juniper Networks will look
to acquire or partner with some of the third-party vendors, Kindervag
said. "I think clearly
there are a lot of problems in managing firewall rules sets," he said.
"If you think about it right there's always a change management process
for putting in a rule...but there's no process to get rid of rules."
Learn how to achieve greater operational efficiency and automation in your data center networks. Read the Gartner report "Emergence of Ethernet Fabric Will Push Users to Rethink Their Data Center Physical Switch Networks" and start simplifying and automating your networks today.