According to a survey of corporate IT professionals by Ponemon Institute, an independent researcher, 67 percent of respondents answered that their organizations were vulnerable to attack due to inadequate firewall and port management security. A major component of server security, firewalls are systems that control access to a network by opening and closing ports to specified users — something of a traffic cop for servers and computers — and their management presents a number of difficulties that explain this sense of vulnerability.
Firewalls are very valuable tools for keeping certain users or types of users out of a network, but they can also keep authorized users from accessing a network due to errors or changes in an access location. An employee with access to a company server, for instance, could have trouble getting past a firewall if using a home computer or a mobile device. On a smaller scale, most personal computer users have experienced firewall interference when authorized applications try to perform new tasks or access new ports.
While closed ports present an access problem, open ports present a vulnerability for the network. Hackers can use these open ports to access a network, often by assuming the identity of an administrative account. An open port can be used both to upload malicious applications such as viruses and Trojan horses and to download confidential or sensitive information from a network. Finding the balance between access and protecting against these attacks is perhaps the fundamental challenge of firewall management.
Scalability and Cost
In the delicate balance between access and protection, IT professionals are often forced to manually input exceptions to a firewall policy. According to the Ponemon Institute survey, 85 percent of respondents described this process as difficult and sometimes frustrating. Beyond professional frustrations, these manual exceptions also make firewalls harder to scale: administrators have to input each exception to the access rules by hand, which increases the personnel and financial resources dedicated to firewall management.
Manually inputting exceptions to a firewall, or new rules to accommodate new threats or users, can be a time-consuming process, even for highly qualified IT professionals. While firewalls are highly customizable and policies can always be rewritten, the time necessary to change access conditions often means that a firewall cannot be changed in time to respond to a new threat or grant immediate access to an authorized user trying to reach the network from a new location.