Firewalls, Unified Threat Management systems, Intrusion Protection Systems and other such devices are only 60% effective out of the box and in some cases as low as 20%.
These were the shocking figures provided in an interview with Anthony Haywood of Idapcomm. However he went on to say that on average with a good security person, the effectiveness goes up to 80% efficiency against all known malware.
Unfortunately, this means that on average the majority of corporate firewalls are allowing through a minimum of 20% of all known malware.
Companies are advised against wasting budget on buying bigger and better to cope with greater malware infections when all that was required was to ensure the correct rules were configured.
To compound these problems, according to Michael Hamelin, Chief Security Architect of Tufin on average many organisations do not audit their firewalls for years if at all.
As a result old or redundant rules may still exist in the device which both slows down network access and potentially allows unwanted access.
Idapcomm says that solutions exist that can help increase the efficiency of existing devices by passing a variety of known attack vectors through a corporate’s existing devices to locate their weaknesses.