Twenty-five percent of all changes to firewalls are unnecessary, according to Avishai Wool, co-founder and CTO of firewall management software provider AlgoSec.
With thousands of firewall rules arranged in a complex hierarchy, few system administrators have the time to check all the rules when a request for a rule change comes in, he told InternetNews.com.
As firewall rule sets burgeon, their complexity slows down the network, he added.
All of this happens in a regular network. The issues grow even more complex when two companies merge, Wool said.
Wool said that AlgoSec’s product, the AlgoSec Firewall Analyzer (AFA), can proactively analyze rule sets and tell an administrator whether a change is unnecessary — or whether it would expose the network to unacceptable risk.