Products & Releases

Survey: Application Connectivity Bottlenecks Stem From Disconnect Between Application Owners And Network Managers

Tufin research shows network security teams deploy applications based on incomplete or inaccurate connectivity data
Chatham, New Jersey, June 12, 2013: Tufin Technologies, the market-leading provider of Security Process Automation Solutions, today announced the results of a recent survey. Previous Tufin surveys revealed that because application connectivity requirements drive the vast majority of firewall changes, managing application connectivity has become the number one firewall management challenge. This survey, conducted in April at InfoSecurity UK, was designed to get a better understanding of the problem. 105 IT professionals, ranging from network administrators to CIOs, reported that network security teams deploy applications based on incomplete or inaccurate connectivity data, resulting in delays, downtime, and unnecessary risk and compliance exposure.

Application Connectivity Challenges: A Quick Overview

1/3 of the sample report their organization has more than 500 applications, 74% report they will be deploying up to 100 new applications this year.

There is little standardization as to how organizations structure Application Connectivity processes. Network Operations teams work mainly with Application Owners (30%), but other Application Connectivity stakeholders include App Developers (26%), other network engineers (16%), or any variety of other parties such as a consultant, a VAR, the application vendor or an MSP (29%).

When it comes to determining connectivity requirements, 72% report they are given a list of ports to open. 19% look it up on the Internet, 13% look at logs, and 9% rely on trial and error.

Impact on Business Agility

55% report that applications are not deployed correctly the first time, mainly (67%) due to incorrect or missing connectivity data.

1/3 report the Service level Agreement (SLA) for application-related firewall changes is a week or more; 81% believe it should be between 1-3 days.

When asked what would enable a faster SLA, 1/3 cited more accurate information from application owners, 26% said knowing what ports to open, and 24% said faster risk/compliance approvals.

Impact on Security and Compliance

Administrators often have no insight into why a rule was created. 41% either use the (limited) firewall comments field or rule base sections to document the business justification for a rule. 13% don't document at all.

40% are not notified when an application is decommissioned.

30% take a "best effort" approach to remove unneeded connections when an application is decommissioned. 1/6 of respondents do nothing to decommission applications.

"This survey highlights the fact that security engineers are having to adopt new processes on the fly - processes that require them to interact with a new set of stakeholders," said Reuven Harrison, CTO, Tufin. "As a result they are not just changing who they work with but how they work. Anyone who has experienced this kind of change knows it is not easy. That's why we are putting so much development effort into SecureApp. SecureApp provides a much needed application connectivity model on top of our network abstraction layer, enabling security teams to rise above any existing technology constraints and collaborate with other IT groups for a common goal - application delivery and business agility.

About Tufin Technologies

Tufin&trade is the leading provider of Security Process Automation solutions that enable companies to dramatically improve the efficiency, compliance and security of their business processes through IT automation and analytics. By automating processes around increasingly complex enterprise networks and applications, IT can have a positive impact on the entire business by reducing costs and streamlining operations. The award-winning Tufin Security Automation Suite provides powerful automation that slashes the time and cost associated with managing change and successfully passing audits. Founded in 2005, Tufin serves more than 1,200 customers in industries including financial services, telecom, energy and utilities, government, retail, transportation, manufacturing and pharmaceuticals. Tufin partners with leading vendors including Blue Coat, BMC Software, Check Point, Cisco, F5, Fortinet, Juniper Networks, McAfee and Palo Alto Networks, and is known for technological innovation, first-to-market solutions and superior customer service.

For more information visit, or follow Tufin on:






The Tufin Blog: