Traditional firewalls fall short in protecting organizations, says survey

Even with a firewall in place, nearly a quarter of IT managers don’t know what’s going on with 70% of their network traffic.

That’s one of several key takeaways from a new survey, sponsored by Sophos, that asked IT managers in mid-sized organizations across the globe about how their firewall technology is working for them.

The survey covered IT managers from countries including the US, Canada, France, Germany, UK, Japan, India, South Africa and Australia. Respondents were from organizations ranging in size from 100 to 5,000 employees, in industries spanning several verticals, including technology, retail, manufacturing, professional services, utilities, education, and healthcare.

The survey responses reveal several “dirty secrets” of how traditional firewalls aren’t living up to their old promises, and how they fail to deliver the kind of visibility or responsiveness that organizations need to defend against modern threats.

Of course, visibility is a key component to security, as you can’t control what you can’t monitor. So if a protective measure, such as a firewall, isn’t aiding in providing that network traffic visibility, IT managers find themselves hindered in monitoring and controlling threats, and lagging in mitigation and remediation response times.

When there’s an active threat on the network, lost time means more time for malicious actors or rogue apps to cause damage. Survey respondents said on average each infected computer on their network takes 3.3 hours to identify, isolate, and remediate, so that real cost in time and resources adds up very quickly.

More key findings: IT managers report that, on average, 45% of their network traffic is unidentifiable and uncontrollable. And some industries have more challenges gaining visibility into their network traffic than others – healthcare industry respondents cite 67% of their traffic on average is unidentifiable, for example.

This lack of visibility is understandably a concern for anyone responsible for keeping an organization and its data secure, as you can’t stop unauthorized apps that you don’t know are running. You also can’t confidently answer questions about regulatory compliance or even productivity if illegal or inappropriate applications or content exists quietly on your network, undetected.

No doubt that’s why 85% of survey respondents cited a lack of application visibility as a serious security concern for their organization.

Does this sound familiar? Is your firewall just a checked box in your network inventory? Does it give you real visibility and control into what’s really happening on your network?

See how you compare – read the full results of the survey online: The Dirty Secrets of Network Firewalls.