- Most firms fail high-severity compliance checks, report claims
- Many fall short at critical levels, putting them at risk
- Misconfigured firewalls could lead to downtime and cyberattacks
Firewalls are a staple of corporate cybersecurity and, alongside multi-factor authentication (MFA) and endpoint protection solutions, an essential part of every security tech stack.
However, how many companies run a misconfigured firewall which gets in the way instead of helping?
A new report from FireMon found 60% of enterprise firewalls fail high-severity compliance checks “immediately upon evaluation”, with another third (34%) “failing short at critical levels”.
For the researchers, this is a sign of deeper governance issues that could result in audit failures, operational downtime, or increased threat exposure.
The problems are not confined to a single environment: on-prem, cloud, and hybrid deployments all suffer from the same woes of misconfigurations, outdated rules, and bloated policies, leading to reduced performance, compliance risks, and more.
FireMon found that 95% of application objects and 82% of service objects show zero usage, which means they are unnecessary overhead and are just expanding the attack surface.
A third (30%) of firewall rules are completely unused, too, with 62.6% lacking any owner or documentation, leading to audit gaps and operational blind spots.
Finally, more than 10% of rules are either redundant or shadowed, reducing performance and hiding dangerous misconfigurations.
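To illustrate the unused, undocumented, redundant and shadowed rules the report counts, here is an added Python example (not FireMon's code or method) that audits a constructed first-match rule base; the simplified rule format, field names and sample values are all assumptions.

```python
"""Audit a first-match firewall rule base for shadowed, redundant, unused
and undocumented rules. Simplified, hypothetical rule format (constructed)."""
import ipaddress
from dataclasses import dataclass

@dataclass
class Rule:
    rid: str
    src: str          # source CIDR
    dst: str          # destination CIDR
    proto: str        # "tcp", "udp" or "any"
    ports: tuple      # (low, high) destination port range
    action: str       # "allow" or "deny"
    hits: int = 0     # hit counter exported from the device
    owner: str = ""   # documented owner, empty if none

def covers(a: Rule, b: Rule) -> bool:
    """True if every packet matched by b would already match a."""
    net = ipaddress.ip_network
    return (net(b.src).subnet_of(net(a.src))
            and net(b.dst).subnet_of(net(a.dst))
            and (a.proto == "any" or a.proto == b.proto)
            and a.ports[0] <= b.ports[0] and b.ports[1] <= a.ports[1])

def audit(rules):
    """Return findings by category; rules are evaluated first-match."""
    findings = {"shadowed": [], "redundant": [], "unused": [], "undocumented": []}
    for i, r in enumerate(rules):
        earlier = [e for e in rules[:i] if covers(e, r)]
        if earlier:
            # r can never fire. Same action: dead weight (redundant). Different
            # action: its intent is silently overridden (shadowed), the case that
            # hides a dangerous misconfiguration.
            cat = "redundant" if earlier[0].action == r.action else "shadowed"
            findings[cat].append((r.rid, earlier[0].rid))
        if r.hits == 0:
            findings["unused"].append(r.rid)
        if not r.owner:
            findings["undocumented"].append(r.rid)
    return findings

# Constructed sample rule base (not data from the report).
SAMPLE = [
    Rule("R1", "10.0.0.0/8", "0.0.0.0/0", "tcp", (443, 443), "allow", 1200, "web-team"),
    Rule("R2", "10.1.2.0/24", "0.0.0.0/0", "tcp", (443, 443), "allow", 0, ""),
    Rule("R3", "0.0.0.0/0", "192.168.5.0/24", "any", (0, 65535), "deny", 40, "netsec"),
    Rule("R4", "172.16.0.0/16", "192.168.5.10/32", "tcp", (22, 22), "allow", 0, "ops"),
    Rule("R5", "0.0.0.0/0", "10.9.0.0/16", "udp", (53, 53), "allow", 300, ""),
]
```

Running `audit(SAMPLE)` flags R2 as redundant with R1, R4 as shadowed by the broader deny in R3 (so its intended SSH allow never takes effect), R2 and R4 as unused, and R2 and R5 as owner-less.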
“Firewall complexity isn’t just a configuration issue, it’s a threat to resilience and trust,” said Jody Brazil, CEO and founder at FireMon. “Security teams are buried under policies they can’t explain, map to business objectives, or manage at scale.