A new study shows as many as 50% of all firewalls rules are invalid. Many rules administrators put in simply use "Any" as a source or destination. This means that the average firewall policy has an easy door for attackers. Attackers are using this lazy practice to gain access to networks. Our research shows rules are written this way not because administrators are lazy but because they don't know any better. As a general rule it is lack of training and understanding that leads to this style.
If you are going to invest in a firewall invest in proper training on using it. Firewalls, any brand, will do what they are told. If you get attacked don't blame the device. That is like blaming the car manufacturer when you bump someone in traffic because you are texting.