In a security landscape of dissolving perimeters and spreading attack vectors, the humble enterprise firewall is no longer considered very sexy. But the firewall is still the first line of defence, and as a new report on the state of the company firewall by security management firm FireMon indicates, it’s still alive and well.
FireMon’s ‘State of the Firewall 2014′ reveals that firewalls remain highly strategic to organisations’ current and future security strategies- with an overwhelming 92% of respondents indicating that firewalls will stand as a ‘critical’ component of their security infrastructuers for the forseeable future.
Firewalls still have a role to play in defining the boundary between trust zones, reducing the attack surface of a network and giving visibility to traffic.
> See also: Why the humble firewall still stands strong
However, the prevailing view of the firewall as still mission critical is not without challenges as the study also found significant, persistent and widespread management issues, most notably related to firewall policy complexity.
The adoption of Next Generation Firewall (NGFW) solutions that combine traditional firewalls with other network device filtering functionalities such as application firewalls and intrusion prevention systems, has grown in nearly all organisations. But this has come with its own set of management concerns.
Perhaps even more surprisingly, survey respondents affirmed that firewalls will play a significant role in the adoption and security management of emerging network paradigms including cloud computing, software-defined networking (SDN) and DevOps.
‘Previous observations that the ‘firewall is dead’ were clearly premature or overstated,’ said Jody Brazil, CEO of FireMon. ‘Not only do today’s practitioners consider firewalls as critical an element of their network security strategy as ever, but they also see a crucial role for the firewall within evolving paradigms including the cloud and SDN, which may surprise some industry watchers.’
At the same time, added Brazil, firewall policy management remains a significant challenge. In a typical large enterprise, 35-40% of firewall rules are redundant, hidden or lack a business purpose – and two-thirds of policies are completely unnecessary.
‘When you juxtapose these conditions with research such as the forthcoming Verizon Enterprise Solutions PCI Report – which finds that firewall management remains one of the greatest threats to network security compliance – it’s clear this is a situation that commands a lot of attention,’ said Brazil.
Highlighting the impact of the State of the Firewall 2014 Report, Verizon found that ‘many companies fall out of PCI compliance once it is achieved,’ driven largely by firewall issues, and that ‘less than one-third were still fully PCI-compliant less than a year after being validated’.
Most notably, ‘of all the data breaches studied, Verizon’s findings clearly show that not a single company was fully PCI-compliant at the time of the breach’, further drawing a line between issues of firewall management and real-world breach incidents.