Love your firewall - changing is too painful

16.05.2006

Steve Macdonald, Check Point Software Technologies Ltd. security solutions architect, said there are no real standards around importing access control lists or rule sets, and the task can take up to 50 percent of the workload.

"What I find as a security professional is people don't change firewalls regularly, because once they achieve success [with a brand] it is very rarely they walk away from it because of that management," MacDonald said.

"In some cases the ability to import configurations is partially automated, but you still need to do serious analysis. Not only is there a requirement to transpose rule sets but if human error is introduced it becomes dangerous to manage, and difficult.

"Imagine the process of reviewing 500 rules and making sure they match? Automation is highly desirable."