Firewall woes

TIPPINST – Network World has an article this week about how difficult it is to move from one firewall product to another. The lack of export utilities and the fact that vendors don’t seem to keep to any common standard mean that it can take up to 6 months for a large enterprise to move from one firewall to another. In most cases the firewall rules have to be rewritten from scratch. This has created a cottage industry, so at least someone is gaining from it.
The lack of standards is a key problem, however. In my previous employment we could not get a Raptor firewall to talk to a Cisco PIX firewall even though they were supposed to be using the same tunnelling protocol etc. There is still a 1980s mainframe mentality out there with firewall vendors, i.e. you either use our product throughout your enterprise or you do not use it at all.
Network World – Swapping out firewalls easier said than done