Most organizations are receiving a poor return on their firewall investments, according to an IDC multimedia white paper sponsored by McAfee. The findings are outlined in a study titled “The State of Today’s Firewall Management Challenges,” which concludes that an increasing number of network attacks, combined with an increasing amount of firewall rule sets, contribute to the high cost of operating firewall architecture, as well as the lack of effectiveness against vulnerabilities.
IDC surveyed 260 firewall managers and IT executives in United States and Europe, finding that many legacy firewalls depend on cumbersome technical rules that complicate an organization’s ability to audit and control compliance requirements. As a result, organizations drive up manual labor costs by dedicating employees to updating firewall rules, or chasing access or availability issues. Additionally, many network attacks result in data breaches, placing extreme costs on the organization.
IDC’s survey results illustrate the following:
- The average enterprise faces about 300 network attacks every year while 10 percent of the organizations experienced more than 1200 attacks per year.
- Respondents indicated that losses from data breaches were equivalent to more than 75 percent of their costs for operating firewall architecture.
- Firewall rules continue to grow to the point where firewall rule sets can number in the thousands or even tens of thousands. The larger the firewall rule set, the more complex rule management becomes, and the harder it is to keep rules current and to prevent gaps in the protection.
- Those who have large firewall rule sets admit that firewall rule management reduces business responsiveness.
Greg Brown, Senior Director of Network Security Product Marketing at McAfee commented:
There’s a huge disconnect between the traditional firewall and the level of protection required for most enterprise environments. Firewalls must offer comprehensive security features without increasing complexity. Additionally, rules management must be simplified and should enforce the actual business security policy in order for organizations to receive the maximum benefit.