[2025 Next-Generation Firewall Report] Overcoming Challengers and Claiming the Throne: The Next-Generation Firewall

The Biggest Challenge in Firewall Operations Identified by Users: ‘Policy Management’

What Do User Preference Surveys Reveal About Next-Generation Firewalls and Firewall Policy Management?

In-Depth Analysis of Leading Firewall Solution Companies: Withnetworks

[Security News] Recently, cyberattacks exploiting firewall vulnerabilities have been rampant. Ransomware attackers have leveraged vulnerabilities found in Zyxel, leading to significant damage. Chinese hackers exploited a vulnerability in the FortiGate firewall, breaching the Dutch Ministry of Defense network and implanting malware. Even major security firms such as Cisco, SonicWall, and Juniper have faced security threats to their firewalls. In some cases, posts on dark web hacking forums have advertised access rights to firewall hosting servers of over 100 companies for sale.

However, many of these problems can be prevented simply through proper firewall management. Despite being at the forefront of network security, firewalls often do not receive adequate attention and maintenance.

The Issue Lies Not in the Firewall, But in Its Management

A closer examination of these incidents reveals that most could have been avoided with proper user management. Although vulnerabilities should not occur, patches are typically deployed swiftly once issues are identified. Furthermore, mismanagement of firewall configurations or leakage of server access credentials is not an inherent flaw of firewalls themselves but rather an issue stemming from external factors.

As demonstrated, continuous management is essential to ensure firewalls function properly. However, managing dozens or even hundreds of firewalls is a daunting task. Furthermore, because firewalls are often purchased based on specific needs, organizations frequently operate different brands and versions, complicating the management process.

What Is Firewall Policy? In simple terms, a firewall policy is a set of rules that control access. Every user and data packet must be granted permission to pass through a firewall, and this authorization is governed by policies. For example, if a user attempts to access a particular website from the internet, the firewall policy evaluates whether the site is safe and blocks access if it is deemed unsafe. Similarly, incoming data can be inspected and blocked if threats are detected.

However, policy management is often performed manually by administrators. Typically, policies are based on IP addresses, port numbers, protocols, and application types (e.g., allowing or blocking games or P2P programs).

For instance, if a company restricts access to dark web hacking forums but a security administrator needs to visit one for work-related reasons, they must request access from a manager. If the manager verifies that the request is legitimate, they grant access. The challenge arises when such requests come from multiple employees, requiring administrators to manage thousands of policies. Over time, forgotten or outdated policies can accumulate, creating security holes that attackers may exploit.

Additionally, policy implementation requires scripting in the appropriate programming language for the firewall in use. If an organization operates multiple firewall brands, the complexity of management doubles. Because policy changes can lead to network issues, administrators often implement them after business hours, resulting in frequent overtime.

Firewall Policy Management Solutions: A Necessity for Firewall Administration

This is where firewall policy management solutions come into play. These solutions enable centralized management of multiple firewalls, improving policy efficiency, enhancing security, and simplifying administration. They are particularly valuable in heterogeneous firewall environments.

By automating policy implementation, optimizing rules, enabling centralized control, and providing log analysis, firewall policy management solutions allow organizations to oversee multiple firewalls from a unified platform. This not only enhances efficiency but also ensures consistency in security policies while mitigating potential security gaps.

WithNetworks stated, “As digital environments evolve, firewall management has become increasingly complex. The need to handle different programming languages and integrate various firewalls presents significant challenges for administrators.” They emphasized that “firewall policy management solutions offer optimal administration and automation to minimize human errors and security risks.”

Industry reports indicate that most mid-sized and larger enterprises, including financial institutions, operate at least three different firewall brands. Since each firewall has distinct languages and policies, migration and integration across different systems are critical. Moreover, policy requests and implementations must be managed efficiently to maintain operational continuity. Given the difficulty of manually tracking these factors, firewall policy management solutions are gaining popularity.

Notably, some of the most successful solutions in the market have been co-developed by security vendors in collaboration with user organizations.

User Preferences for Next-Generation Firewalls and Policy Management

So, what are users’ actual needs and preferences regarding next-generation firewalls and firewall policy management?

<Security News> and <Security World> conducted a ‘Next-Generation Firewall Awareness and Preference Survey’ from January 13 to 17, 2025, targeting approximately 100,000 security personnel to gather user insights. A total of 2,151 security professionals responded, with 25.6% from the public sector and 74.4% from the private sector.

Are Users Adopting Next-Generation Firewalls?

When asked whether they use a next-generation firewall (NGFW), 49.8% of respondents confirmed they were using one, while 11.6% indicated they were considering adoption within 2025. Meanwhile, 38.6% reported not using one.

Alternative Solutions for Non-NGFW Users

For those not using an NGFW, respondents were asked which solutions they utilized. Respondents could select multiple answers, and the results were as follows:

1. UTM (Unified Threat Management) – 45.5%

2. IPS (Intrusion Prevention System) – 36.6%

3. WAF (Web Application Firewall) – 34.7%

4. Cloud Firewall – 19.2%, reflecting the growing adoption of cloud security.

   
   
5. 
   

How Many Firewalls Do Organizations Use?

Regarding the number of firewalls used per organization, the breakdown was:

• 2–3 firewalls – 32.5% (most common)

• 1 firewall – 27.9%

• 4–5 firewalls – 11.6%

• 6–10 firewalls – 8.8%

• 11–20 firewalls – 6.5%

• 21–30 firewalls – 4.7%

• 51–100 firewalls – 2.8%

• 300+ firewalls – 1.9%

• 41–50 firewalls – 1.4%

• 101–200 firewalls – 0.9%

• 31–40 firewalls – 0.5%

• 201–300 firewalls – 0.5%

Biggest Challenges in Using Next-Generation Firewalls

Respondents were also asked about their biggest challenges in using NGFWs. The top difficulties were:

1. Excessive policy management workload – 15.8%

2. Reduced visibility and control over traffic analysis – 12.1%

3. Limitations in detecting and responding to unknown, advanced APTs and zero-day attacks – 11.5%

4. Inaccuracies in detection (false positives and false negatives) – 11.1%

Key Considerations for Purchasing a Next-Generation Firewall

When selecting an NGFW, respondents prioritized the following factors:

1. Diverse case studies and references – 23.7%

2. Integration with existing IT infrastructure and security solutions – 17.7%

3. Brand recognition – 13.5%

4. Security effectiveness – 13.0%

5. Cost of adoption – 12.6%

6. Maintenance and technical support – 9.3%

7. User interface and ease of use – 4.2%

Most Important Features in a Next-Generation Firewall

When asked about the most crucial feature in an NGFW, respondents highlighted:

1. Traffic visibility and anomaly detection – 23.3%

2. Zero-trust security through device verification – 16.7%

3. Application control – 15.3%

4. User-friendly interface – 12.1%

5. C&C (Command and Control) detection and blocking – 10.7%

6. VPN functionality – 8.8%

7. Visibility into encrypted traffic – 6.5%

8. Antivirus and anti-spam capabilities – 6.1%

Adoption of Firewall Policy Management Solutions

Regarding firewall policy management solutions, 51.2% of respondents acknowledged their necessity but had no immediate plans for adoption. Meanwhile, 20.0% stated they had no plans to adopt such solutions at all. However, 15.3% planned to implement them within 2025, and 9.3% had already deployed and were using them—indicating growth potential in this sector.

High Growth Potential for Next-Generation Firewalls and Policy Management Solutions

Firewalls are considered a fundamental security measure, and nearly all organizations—whether enterprises or government institutions—install and operate them. However, many fail to manage them properly, leaving security gaps that cyber attackers exploit. Many firewall-related incidents occur because users fail to manage access rights or apply security patches in a timely manner.

Additionally, as organizations expand and increase their workforce, they often add firewalls from different brands, creating complex management challenges for already understaffed security teams.

Therefore, rather than merely adopting firewalls, organizations must ensure they utilize them effectively. NGFWs integrate many traditional security functions, such as network switching and routing, and can serve as a comprehensive network security foundation when used correctly.

Although firewalls are often replaced only after reaching their end-of-life rather than driving new market expansion, there is still significant demand for NGFW adoption. Moreover, with growing concerns over firewall vulnerabilities, firewall policy management solutions are gaining traction.

The global market reflects this trend. According to a report by Global Market Insight (GMI), the next-generation firewall market was valued at $4.8 billion in 2023 (approximately KRW 6.9 trillion). The report projects a 7.5% annual growth rate (CAGR) from 2024 to 2032, reaching $9.2 billion (KRW 13.2 trillion) by 2032.

As such, expectations for NGFWs are as high as for any other security solution, and their growth potential remains strong. Given the critical role of firewalls, demand for firewall policy management solutions is also expected to persist.

[Firewall Solution Focus - 5]

‘withFLOW’ Accelerates Growth, Emerging as a Key Player in the Firewall Policy Management Market

WithNetworks Sets a New Standard for Firewall Policy Management Automation with ‘withFLOW 3.0’

WithNetworks is an integrated security platform company specializing in the development, implementation, and operation of security solutions. Leveraging its technical expertise, WithNetworks provides optimized security solutions tailored to its clients' environments. Since launching its firewall policy management solution, withFLOW 1.0, in 2019, the company has automated complex heterogeneous firewall policy management for various industries, including finance, manufacturing, and retail. With continued enhancements in technological capability and stability, withFLOW has achieved remarkable growth and is now recognized as a leading solution in the firewall policy management market.

Recently, withFLOW was upgraded to version 3.0, further strengthening policy management and auditing capabilities. This latest upgrade delivers an advanced policy automation process, a significantly enhanced user-friendly interface, and broader applicability across industries. Additionally, withFLOW has been registered on the Public Procurement Service's Digital Service Mall, allowing WithNetworks to expand its presence in the public sector security market.

Optimized Firewall Policy Automation with withFLOW

Cybersecurity threats are becoming increasingly sophisticated and complex. To strengthen their security posture, many enterprises deploy firewalls from multiple vendors. However, managing heterogeneous firewalls can introduce security gaps due to operational challenges.

WithFLOW automates the entire firewall policy lifecycle, from policy requests, design, review, application, and auditing, maximizing security management efficiency while reducing operational costs.

Key functionalities include:

• Real-time validation during policy design to detect redundant or conflicting policies, reducing security risks and improving operational efficiency.

• Automated firewall policy route visualization by integrating firewall routing paths with network switches, providing a clear and flexible network topology overview.

• Enhanced network topology visualization, allowing administrators to:

  • View the entire firewall configuration at a glance.

  • Identify optimal routing paths intuitively.

  • Mitigate security blind spots.

• Seamless integration via API, ensuring compatibility with complex enterprise systems.

• Scalable architecture to support future expansions and evolving security requirements.

With these advancements, withFLOW continues to set new benchmarks in firewall policy management automation, solidifying its position as an industry leader.

Enhanced Management Efficiency Through Automated Policy Optimization

Firewall policy management tends to become more complex over time, increasing administrative burdens. The longer a firewall is in use, the more unused, duplicate, and expired policies accumulate, leading to decreased operational efficiency. If left unmanaged, these issues can degrade firewall performance, introduce policy errors, and create excessive workload for administrators. This increases the risk of human error, which can compromise network security and expose organizations to significant security risks.

WithFLOW addresses these challenges by automating policy maintenance and providing detailed reporting functionalities to optimize policy management. The system continuously analyzes policy and object usage in real time, automatically detecting key management points, including:

• Unused policies

• Duplicate policies

• Overly permissive policies

• Expired policies

This allows administrators to quickly identify and address potential risks, ultimately enhancing overall security posture and operational stability.

Unused policies accumulated in legacy systems can compromise policy consistency, leading to configuration errors. To mitigate this, withFLOW automatically cleans up outdated policies and provides comprehensive reports, giving administrators an intuitive overview of policy usage. This enables swift decision-making, reduces administrative workload, and maximizes operational efficiency in security management.

Automated Compliance Management for Regulatory Adherence and Auditing

WithFLOW also automates compliance management, ensuring alignment with internal security policies and the latest regulatory audit requirements. Organizations can configure industry-specific compliance checklists and define automatic validation criteria tailored to their security standards.

Key compliance features include:

• Automated security checks based on industry-specific regulations

• Real-time monitoring of compliance status

• Detailed reports highlighting both compliant and non-compliant items

Administrators can use this data to develop strategic security measures, ensuring compliance while also strengthening security oversight. These reports serve as a foundational resource for regulatory adherence and security management improvements.

Jong-Up Ahn, CEO of WithNetworks, stated:

Currently, WithFLOW is expanding into global markets, leveraging its expertise in the financial, manufacturing, and retail industries. WithNetworks aims to become a leading provider of firewall policy management solutions worldwide, building upon its technological advancements and extensive experience in the domestic market.

Security News, boanone@boannews.com