Cloud Security Authors: Liz McMillan, Pat Romanski, Elizabeth White, Yeshim Deniz, Terry Ray

Related Topics: Government Cloud

News Feed Item

Survey Finds Complex Firewall Policies and Lack of Automated Management Tools Leads to Security Gaps, Compliance Violations, Poor Performance, and Premature Firewall Purchases

Secure Passage Survey Polled Fortune 1000 IT Network, Firewall and Security Executives About the Security, Compliance and Performance Implications of Complex Firewall Policies

OVERLAND PARK, KS -- (Marketwire) -- 02/24/09 -- Secure Passage, the leading provider of security analysis and compliance solutions for firewalls, routers and switches, today released the results from a survey of 253 IT network, firewall and security executives from Fortune 1000 companies in financial services, government, business services, and other industries. The survey revealed that poor firewall management practices lead to security gaps, compliance violations, substandard firewall performance, and premature device purchases. The survey also revealed that although organizations are experiencing more compliance and security challenges due to increasing firewall policy complexity, few know about solutions or have access to resources that can address these challenges.

"These results are shocking but not necessarily surprising," said Secure Passage CTO and Founder Jody Brazil. "Gartner reports have pointed out that firewall policy mismanagement leads to security problems, specifically breaches. This survey validates what Secure Passage has been seeing for years. It's alarming that there is so little understanding of the problem within the industry and that many organizations unnecessarily allocate massive amounts of resources to the problem. It is particularly disturbing when there are products on the market that can easily solve this problem."

Top 10 Shockers Revealed by Respondents:

1.  73 percent think firewall rule bases are too complex or out of control
2.  59 percent feel that a lack of management tools makes policy management
3.  70 percent believe that unused rules make firewalls difficult to manage
4.  65 percent responded that unused rules lead to potential security gaps
5.  43 percent stated that unused firewall policy rules negatively impacted
    performance and led to the premature purchase of new firewalls
6.  Only 35 percent perform audits continuously or once a quarter, although
    77 percent think audits should be done that often
7.  75 percent perform manual audits using their own staff
8.  71 percent cited limited staff resources as the number one reason why
    more analysis is not performed
9.  65 percent stated that the process was too labor-intensive
10. 60 percent responded that allocating resources or budget to this
    problem area was not a management priority

Although survey respondents acknowledged that firewall policies are overly complex and that their IT teams need help dealing with this issue, too few organizations understand the full impact of the problem. Forced to do more with even less in 2009, enterprises will look for a way to better understand the state of security for their firewalls, routers and switches. Enterprises clearly need total visibility into the security posture of all firewall and network device policies, to enable them to easily and quickly monitor and analyze configuration changes and send out alerts when an event renders a device non-compliant. Furthermore, to drive critical decisions, they need detailed and accurate reports, understandable by both executives and technical teams, that reflect the unique situations of each organization.

"Organizations are finding that it's nearly impossible to manage their firewall policies in an environment that promises to become even more complex over time," said Rob Bykowski, COO, Secure Passage. "Products exist today that enable organizations of all sizes to do more with less by automating resource-intensive policy management processes to meet both internal audit and regulatory compliance requirements."

For more information

To request a copy of this survey report, simply send an email request to [email protected].

About Secure Passage

Secure Passage is the leading provider of security analysis and compliance solutions that simplify and automate the analysis of configuration and change management processes to enhance security, optimize performance, and speed compliance reporting. The company's flagship product, FireMon®, analyzes changes and performs audits in real time; simplifies policy management; and enforces configuration governance across firewalls, switches, routers and other network devices. FireMon is the only solution on the market that can be customized to meet the unique audit and compliance reporting requirements for networks of all sizes while enabling IT organizations to do more with less effort. Enterprise-strength deployments of FireMon around the world support more than 25,000 security devices from vendors such as Cisco, Juniper, Check Point, and McAfee. For more information, visit www.securepassage.com.

Secure Passage, FireMon, and the Secure Passage logo are registered trademarks of Secure Passage.

Image Available: http://www2.marketwire.com/mw/frame_mw?attachid=928058

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

IoT & Smart Cities Stories
DXWorldEXPO | CloudEXPO are the world's most influential, independent events where Cloud Computing was coined and where technology buyers and vendors meet to experience and discuss the big picture of Digital Transformation and all of the strategies, tactics, and tools they need to realize their goals. Sponsors of DXWorldEXPO | CloudEXPO benefit from unmatched branding, profile building and lead generation opportunities.
In this Women in Technology Power Panel at 15th Cloud Expo, moderated by Anne Plese, Senior Consultant, Cloud Product Marketing at Verizon Enterprise, Esmeralda Swartz, CMO at MetraTech; Evelyn de Souza, Data Privacy and Compliance Strategy Leader at Cisco Systems; Seema Jethani, Director of Product Management at Basho Technologies; Victoria Livschitz, CEO of Qubell Inc.; Anne Hungate, Senior Director of Software Quality at DIRECTV, discussed what path they took to find their spot within the tec...
The deluge of IoT sensor data collected from connected devices and the powerful AI required to make that data actionable are giving rise to a hybrid ecosystem in which cloud, on-prem and edge processes become interweaved. Attendees will learn how emerging composable infrastructure solutions deliver the adaptive architecture needed to manage this new data reality. Machine learning algorithms can better anticipate data storms and automate resources to support surges, including fully scalable GPU-c...
Disruption, Innovation, Artificial Intelligence and Machine Learning, Leadership and Management hear these words all day every day... lofty goals but how do we make it real? Add to that, that simply put, people don't like change. But what if we could implement and utilize these enterprise tools in a fast and "Non-Disruptive" way, enabling us to glean insights about our business, identify and reduce exposure, risk and liability, and secure business continuity?
Nicolas Fierro is CEO of MIMIR Blockchain Solutions. He is a programmer, technologist, and operations dev who has worked with Ethereum and blockchain since 2014. His knowledge in blockchain dates to when he performed dev ops services to the Ethereum Foundation as one the privileged few developers to work with the original core team in Switzerland.
DXWorldEXPO LLC announced today that Telecom Reseller has been named "Media Sponsor" of CloudEXPO | DXWorldEXPO 2018 New York, which will take place on November 11-13, 2018 in New York City, NY. Telecom Reseller reports on Unified Communications, UCaaS, BPaaS for enterprise and SMBs. They report extensively on both customer premises based solutions such as IP-PBX as well as cloud based and hosted platforms.
"Akvelon is a software development company and we also provide consultancy services to folks who are looking to scale or accelerate their engineering roadmaps," explained Jeremiah Mothersell, Marketing Manager at Akvelon, in this SYS-CON.tv interview at 21st Cloud Expo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
"Space Monkey by Vivent Smart Home is a product that is a distributed cloud-based edge storage network. Vivent Smart Home, our parent company, is a smart home provider that places a lot of hard drives across homes in North America," explained JT Olds, Director of Engineering, and Brandon Crowfeather, Product Manager, at Vivint Smart Home, in this SYS-CON.tv interview at @ThingsExpo, held Oct 31 – Nov 2, 2017, at the Santa Clara Convention Center in Santa Clara, CA.
DXWordEXPO New York 2018, colocated with CloudEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
The current age of digital transformation means that IT organizations must adapt their toolset to cover all digital experiences, beyond just the end users’. Today’s businesses can no longer focus solely on the digital interactions they manage with employees or customers; they must now contend with non-traditional factors. Whether it's the power of brand to make or break a company, the need to monitor across all locations 24/7, or the ability to proactively resolve issues, companies must adapt to...