Security pros find corporate firewall rules tough to navigate

Posting on June 15th to SearchSecurity:

"Corporate firewalls usually contain a security-Pandora's box of rules, representing prioritized sequences of allow or deny decisions that only the most brave security operator dares to modify. Removing or re-sequencing firewall rules runs the risk of blocking approved business communications or of opening a hole exposing the business to unauthorized traffic. It is near impossible for a human to manually audit firewall rules across the enterprise to reduce risk, optimize firewall device performance, and streamline data paths through routers, switches and firewalls. Security teams are turning to firewall management tools to perform security audits of the infrastructure and automate operational control of the firewalls. ..."