How to manage the Complexity Gap

Firewall infrastructures have grown overly complex and organisations must learn to better manage them to realise the true potential of their security investments.

Managing a company’s security infrastructure is a bit like a circus act. Security teams are under tremendous pressure not to drop the ball as they juggle managing the company’s infrastructure with detecting and preventing cyber attacks that could infiltrate and shut down its systems. Unfortunately for them, they lack the resources and manpower to continually maintain the firewalls and keep to the high standards the company needs to function. The problem: firewall infrastructures have grown complex, resulting in a calamitous final act with data breaches costing millions in damages and the company left with pie on its face.

The Firewall 

Firewalls have long been the guardians of the enterprise, controlling traffic in and out of an organisation using rules and policies set by security teams to adhere to both corporate requirements and industry-wide compliance regulations. According to FireMon’s latest State of the Firewall Report, a global benchmarking study of over 400 organisations’ security environments, the firewall isn’t going anywhere. In fact, its role is expanding to include protection of cloud and SDN environments, and organisations continue to spend at least a quarter of their budgets on the firewall. No matter which route organisations go down to meet their networking requirements, firewalls continue to support it all, from traditional to next-generation to native or cloud options.

More than half of companies said that firewalls have a place in securing cloud environments, and by and large, respondents believe traditional firewalls will adapt to SDN models. In addition, six out of ten will use NGFWs in virtualized environments. Four out of ten will use traditional firewalls. 

And while the significance of firewalls cannot be disputed, they remain a sticking point for many organisations when it comes to managing the technology and using it to its fullest potential.

Top Challenges   

The number one issue surrounding firewall management for 27% of the organisations surveyed was complexity. With the number of firewall management challenges mounting, so too are the risks and costs, as IT security personnel find it increasingly difficult to adequately prioritise resources.

Today’s corporate network infrastructures are highly likely to consist of firewalls from multiple vendors, with two thirds of those assessed stating they have up to ten or more, further adding fuel to the IT security fire. The truth of the matter is that companies are still struggling to properly manage firewalls and use them to their full potential. Network systems have become so complex that a single malfunction or error could shut down a company’s system, exposing the business to cyber attack. Furthermore, large enterprises (15,000 employees and above) were found to process over 100 changes per week on their firewalls, with the majority not even leveraging any automation to help ensure a swift, accurate process. Even more shocking was the fact that 60% of organisations admitted to tracking changes manually via Word documents, emails and spreadsheets.

An additional concern is the impact cloud and software-defined networking (SDN) will have on organisations, specifically regarding where the security accountability lies. In fact, more than one third of respondents stated that responsibility for cloud security falls outside of security operations, which adds an extra layer of complexity to security management. This will require a change management process to adapt to a faster, more diverse environment. The feeling within the industry is that firewalls will be more important than ever in securing cloud environments, as well as being able to adapt to various cloud and SDN models.

Reducing complexity 

To better manage the threat from cyber attackers, the objective has to be to close the complexity gap - or the discord between the growing number of threats, the technology in place to prevent them and the lack of cyber skills to keep pace - before its damage is irreversible. The key to improving security will be effectively managing the inherent complexity of the technologies and keeping pace with the environments in which they reside.   

There are now fewer security resources to monitor and manage the increasing number of technologies that are used within organisations. To tackle this, management technology systems that utilise automation in a clever way have been identified as the ideal remedy. Security management is more important than ever to remediate the key issues within the complexity gap, and it offers visibility, intelligence, integration and automation.

To adequately manage a system, an enterprise needs management security systems that can act as an umbrella, to encompass multiple vendor firewalls and other technology that makes up the security infrastructure. Security management adds an additional layer of protection which can work in tandem with any firewall, regardless of vendor, to quickly and accurately assess risk and control policies in a centralised way.   

Using Automation 

With only 40% of large enterprises using automated processes for change management, there is untapped opportunity for operational efficiency improvements that will set organisations up to support the shift. A recent study conducted by Forrester Consulting found that “Managing and auditing firewall rules on a manual basis can expose an organisation to greater risk of a breach, not to mention the additional time and senior resources needed to add new rules and address change requests.” 

Organisations looking to reduce the likelihood of breaches and adapt their practices to meet networking demands need a global view of their policies that spans infrastructure types. Manual, device-by-device management is not sustainable. Automation will be critical to enabling dynamic management - from automating data intake to automating workflows to automating intelligence-based action.

As networking evolves to meet the needs of an “on-demand” society, security will have to evolve too or risk becoming a bottleneck or, worse, ignored altogether. 

Regardless of what the networking environment looks like, firewalls continue to support it all; and for a majority of organisations, at least a quarter of their security budgets is dedicated to them, showing that the firewall is here to stay. With better management of those technologies, no matter what vendor or vendors are chosen, organisations can start to realise the true potential of their security investments and greatly reduce risk from data breaches and cyber attacks.

Michael Callahan, VP, FireMon
