Skybox Security Announces Findings in Firewall Management Survey
March 2011 by Skybox Security
Skybox Security announced the results of a survey it conducted during the recent RSA security conference. Polling more than 50 attendees, the company uncovered surprising information about the prevalence of next-generation firewalls and the huge percentage of large organizations that manage their firewalls manually.
In the survey by Skybox Security, 42% of respondents have more than 100 firewalls to manage, and 67% said they have firewalls from multiple vendors. In fact, 54% said their firm employs more than 5 full-time people in day-to-day firewall management and security. However, only 21% of the firms use any automated firewall management products at all.
"It’s scary how many large organizations we audit that use a manual system [to manage firewalls]. It’s scary." This comment, from a PCI Compliance Auditor, underscores the fact that many organizations fail to use automated tools for firewall management. As the number of firewalls continues to grow, and as many organizations utilize multiple firewall vendors to satisfy their requirements, the use of automated tools becomes an absolute necessity.
Another important issue raised by the survey involves the rapid adoption of next-generation firewalls, coupled with concern about security and management issues. 15% of survey respondents indicated they have already deployed next-gen firewalls, and another 27% plan to deploy within the next 12 months. Yet adoption brings a new set of concerns. Almost 20% of respondents voiced concern over how to convert existing policies or establish new policies that take into account the finer granularity of control provided by the firewalls.
The time required to define next-gen firewall rules at the user and application level is a big issue for more than 20% of survey-takers. Another common theme is the time and effort it takes to do basic firewall analysis: 25% of respondents raised this as a major concern. The prevalence of multiple types of firewalls from multiple vendors only exacerbates the problem, as was expressed by 18% of respondents.
The risks involved in manual firewall management are many, and significant. Firewalls are an organization’s first line of network defense. In order to keep them configured properly for maximum security, and in compliance with policy, regular firewall audits are required. When audits must be done across dozens or hundreds of firewalls, the task is extremely time-consuming and the potential for mistakes is high. Products such as Skybox Firewall Assurance automate the task of collecting, correlating, and analyzing firewall data, while boosting firewall security and compliance.
Skybox support for Palo Alto Networks next-generation firewalls, contained in the next release of Skybox Firewall Assurance scheduled for April, will enable customers to automatically and consistently audit and manage firewall infrastructures that contain next-generation Palo Alto Networks firewalls. Customers will be able to create security policies that contain granular user and application information, check firewall rulesets against these policies, track changes, and check platform configurations through Skybox Firewall Assurance.