SecurityBrief Canada - Technology news for CISOs & cybersecurity decision-makers

60% of enterprise firewalls fail initial compliance - study

Fri, 25th Jul 2025

FireMon has published analysis showing that 60% of enterprise firewalls fail high-severity compliance checks at first evaluation, highlighting ongoing challenges in network security policy management.

The findings, drawn from FireMon's AI-powered FireMon Insights analytics platform, were based on anonymous deployments across large enterprises and regulated industries operating in on-premises, cloud, and hybrid environments. The report identifies widespread misconfigurations, outdated rules, and excessive policy complexity as persistent issues contributing to compliance and security risks.

According to the data, in addition to the 60% failing high-severity checks, a further 34% of firewalls did not meet critical compliance requirements. These compliance shortfalls are not just technical in nature; they indicate deeper governance issues that can contribute to audit failures, operational downtime, and increased vulnerability to cybersecurity threats.

The report also found that 95% of application objects and 82% of service objects within firewall environments showed no usage, thereby increasing unnecessary administrative overhead and broadening the potential attack surface. About 30% of firewall rules were reported as completely unused, while 62.6% lacked ownership or documentation - factors that create audit gaps and operational blind spots. In addition, more than 10% of rules were found to be redundant or shadowed, affecting performance and obscuring potential misconfigurations.

Industry perspectives

"Organisations have been trying to untangle firewall complexity for years, but too often the tools fall short, either offering static snapshots or failing to provide the operational context that teams actually need. That's why platforms like FireMon Insights matter. They offer a level of clarity and benchmarking that helps teams move from reactive fixes to informed, proactive decisions. FireMon has long been a trusted name in policy management, and it's good to see them pushing the industry forward in this space," said Mark Miller, Chief Revenue Officer at EncoreCyber.

Jody Brazil, Chief Executive Officer and Founder at FireMon, explained the significance of these findings for security teams dealing with operational complexity.

"Firewall complexity isn't just a configuration issue, it's a threat to resilience and trust. Security teams are buried under policies they can't explain, map to business objectives, or manage at scale. FireMon Insights cuts through the noise. It benchmarks your performance, exposing what's been missed, and helping you take action before it turns into disruption."

FireMon Insights utilises continuous benchmarking to track compliance key performance indicators and identify misconfigurations in real time, offering always-on visibility across hybrid and multi-vendor infrastructures. This approach is in contrast to legacy tools, which often rely on static scans that may not reflect real-time conditions. FireMon positions its platform as a way for organisations to move from reactive remediation to more proactive governance of network security policies.

Platform enhancements

Recent enhancements to the FireMon Insights platform include device-level metrics grouped by complexity, risk, and environment for greater contextual analysis. Additional features include closer integration with FireMon Policy Manager, an AI-powered natural language search and chatbot to allow users to interact with platform data without specific training, and expanded peer benchmarking so organisations can gauge their position within the industry. FireMon stated that these capabilities are provided at no additional cost to current customers.

Commenting on the adoption of the Insights platform, Brandy Peterson, Chief Technology Officer of Cloud Security Operations, said:

"Since its initial launch in January 2025, FireMon Insights has quickly become the go-to analytics platform for our customers' security teams. What's been most exciting is the engagement - early adopters across roles are having real 'aha' moments, and their feedback directly shaped this release."

The platform aims to help security teams shift from responding to support tickets to executing more strategic security operations by improving visibility into policy health, benchmarking against peers, and monitoring baseline controls. This supports progress measurement against business objectives and adjustment as required.

Dan Rheault, Director of Product Management at FireMon, addressed broader industry challenges around policy management:

"Collectively, the cybersecurity industry has been driving organisations to a point of sophistication that actually distracts their cyber strategy from implementing required capabilities and measuring operational outcomes. Teams are turning to FireMon for a smarter, more sustainable path forward."

Rich Mogull, Senior Vice President of Cloud Security at FireMon, explained the value proposition of the Insights platform:

"Most tools only tell you what happened. Insights tells you what's happening now and more importantly, what to do next. It's not about more alerts. It's about clarity and action, at scale."

Market context

The analysis arrives as security operations continue to demand both speed and accuracy in an environment of increasing policy complexity and compliance requirements. FireMon reports ongoing momentum with the recognition of FireMon Insights as a finalist in a recent technology award and recent appointments to the company's leadership team to support continued expansion and operational focus.
