Organizations Fail to Effectively Manage Firewall Policy: Survey

Organizations are struggling to keep track of changes in their networks and to effectively manage their firewall policies, according to a new study.

Nearly 85 percent of network administrators in the 2011 Firewall Management report said half of their firewall rule changes need to be fixed because they were configured incorrectly, Tufin Technologies found in its report released Nov. 16.

Very few organizations have automated their audit process, with 7 percent of the respondents claiming they have an automated system and 40 percent claiming to spend a month or longer each year performing firewall audits, the report found.

More than 20 percent of the survey participants said they knew of someone who cheated on a firewall audit, for such reasons as not having enough time, irrelevant parameters and worries that the results would make the network security team look bad, the report found. About 23 percent of the organizations in the survey claimed to never have performed a firewall audit at all. About 11 percent claimed to have no idea how much time it takes to perform an audit, according to Tufin.

“This year s survey reveals that more than budget constraints or any other factor time is the security manager s most precious resource,” said Shaul Efraim, vice president of marketing and business development at Tufin Technologies.

About 30 percent of the administrators said changing a firewall rule can take their team between several hours to several days on average. About two-thirds of the organizations claimed to be vulnerable to breaches because their change management processes are not formalized and are manual, requiring too many steps and people to complete.

"If that is not business justification for automating fundamental, but time consuming, error prone, network security processes, then what is?” said Efraim.

Nearly half of the respondents said they identify duplicate or redundant firewalls rules manually and a fifth said they don’t have a process in place to find them. About 43 percent of the survey respondents said they manage firewall rules manually. Even more worrying, 41 percent of the administrators in the survey said they don’t have a way to determine when a firewall needs to be retired or fixed.

It was surprising that many of the administrators were still performing basic tasks, such as tightening up rules, looking for duplicate rules and updating outdated rules, manually, according to Efraim.

"There is no benefit to having experienced administrators spend their days searching for needles in haystacks,” he said.

To read the original eWeek article, click here: Majority of Firewall Rules Are Improperly Configured, Managed, Survey Finds

CIO Insight Staff
CIO Insight Staff
CIO Insight offers thought leadership and best practices in the IT security and management industry while providing expert recommendations on software solutions for IT leaders. It is the trusted resource for security professionals who need network monitoring technology and solutions to maintain regulatory compliance for their teams and organizations.

Get the Free Newsletter!

Subscribe to Daily Tech Insider for top news, trends, and analysis.

Latest Articles