Back in the summer we ran a little survey on SpiceWorks and almost 400 Small and Medium Business IT managers gave us their view on the main challenges they have with their current firewall. But some of the results weren’t exactly what we were expecting.
The #1 rated issue was the lack of reporting options
35% of respondents said their firewall provides insufficient reporting and 22% also cited lack of visibility into infected machines which speaks to a lack of useful insight too. Users are hungry for bandwidth and regulatory compliance is becoming increasingly important so it’s not really surprising that IT managers crave a better view into what’s happening on their network.
What is surprising is that so few firewall vendors offer their users what they need. Compare the leading UTM/Firewall vendors and you’ll find just one who has over 1000 reports available built-into the appliance. I’ m sure you can guess who check here if you can’t! At Sophos we prioritize reporting and in addition to the on-box reports we also offer Sophos iView our dedicated virtual reporting appliance for those that simply need more reports or want to correlate reporting across multiple appliances.
Complexity is still the enemy of security
We all know IT threats are complex and the survey confirms that all too often the products designed to solve security problems are far too complex too. Ease of use only narrowly misses out on top spot with 34% saying its a frustration. Adminstrators need a strong link between seeing what is happening and doing something about it. This is essential in security products where a weakness at one point on the network can quickly become a problem for the entire organization.
Advanced threats? We’re covered, at least we think we are!
Other surprising results were how few people cited lack of protection against advanced threats and poor performance as weaknesses. We hear a lot about how traditional firewall and antivirus technologies can no longer protect against sophisticated Advanced Persistent Threats. This is seemingly a non-issue for 90% of those surveyed. IT managers are either confident their firewalls have the necessary protection place, like command and control detection and sandboxing, or simply have more pressing needs and don’t see advanced threats as their concern but for governments and larger enterprises to worry about.
Performance matters or does it?
That performance rates so low is possibly the biggest surprise. Performance is often a key concern for buyers when selecting a firewall with technical data, sizing guides and comparative reports providing useful guidance for buyers to select the right firewall for their needs. This result suggests the guidance and advice of channel resellers is proving effective and buyers are
right-sizing their firewalls.
All in all some interesting results that suggest reporting and ease of management should be carefully looked at when selecting a replacement firewall. But maybe this is not really that surprising after all as these areas do reflect the core focus of network security managers. Without visibility into what’s happening, or the ability to quickly put protection in place an IT Manager’s life becomes very difficult.
Sophos UTM – ease of use and on-box reporting as standard
Sophos UTM is designed to be easy to use and includes extensive on-box reporting as standard – no need for additional hardware or subscriptions. Our new SG Series appliance all include a hard drive or a solid-state disk, giving you comprehensive reporting that you can access in seconds. So you can see what’s happening on your network in real-time and quickly access historical data. Watch this short video to see it in action. On-box reporting as standard is just one of the reasons to make your next firewall a Sophos firewall.