With organizations also considering internal perimeters for critical information assets, Warrilow said scalability has also become a management issue.

"It's one thing for a security administrator to manage three or four perimeter firewalls; 20 or 30 is another matter entirely," he said.

"Change and configuration management become critical while policy deployment and validation become 'must-haves' to minimize the risk of accidental misconfiguration."