Report highlights widespread misconfigurations, outdated rules, and policy bloat.
Around two-thirds of enterprise firewalls fail high-severity compliance checks immediately upon evaluation, with a further 34% falling short at critical levels.
A new report from FireMon highlights widespread misconfigurations, outdated rules, and policy bloat across on-prem, cloud, and hybrid environments.
Among the most alarming findings: 95% of application objects and 82% of service objects were unused, adding unnecessary complexity; 30% of firewall rules were completely inactive; and more than 60% lacked ownership or documentation, leaving organisations exposed to operational and compliance risks.
In over ten percent of cases, rules were redundant or shadowed, degrading performance and obscuring dangerous misconfigurations.
“Firewall complexity isn’t just a configuration issue, it’s a threat to resilience and trust,” said FireMon CEO Jody Brazil. “Security teams are buried under policies they can’t manage or justify. FireMon Insights cuts through that noise.”
Written by
Dan Raywood is a B2B journalist with 25 years of experience, including covering cybersecurity for the past 17 years. He has extensively covered topics from Advanced Persistent Threats and nation-state hackers to major data breaches and regulatory changes.
He has spoken at events including 44CON, Infosecurity Europe, RANT Forum, BSides Scotland, Steelcon and the National Cyber Security Show, and served as editor of SC Media UK, Infosecurity Magazine and IT Security Guru. He was also an analyst with 451 Research and a product marketing lead at Tenable.