Call me an old fuddy duddy, but I'm not a big fan of unified threat management (UTM) technology. This approach...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
builds multiple security services into a single device, promising ease of management and more efficient updating, as well as reduced cost. However, I see a few major drawbacks to the UTM approach:
- Vendor lock-in -- UTM commits an enterprise to using a single vendor for its entire security infrastructure. The best-of-breed approach, however, allows security pros the freedom to choose the best security tools they can find, rather than putting all of their security eggs in a single vendor's basket.
- Questionable time-savings -- I'm not so sure that a UTM increases operational efficiencies. After all, managing an IPS, firewall and Web filter are really different tasks. While it might be possible to use a single management console to do all these things with a UTM product, you'll still be clicking around each area. How much time does it really take to open three different interfaces instead?
- Lack of redundancy -- I definitely don't like the idea of having multiple security services running on the same piece of hardware. In addition to the potential loss of defense in depth if the device is compromised, it puts the company at risk of losing all its security services in the event of a platform failure.
So, now that I've painted a bleak picture for UTM, let me temper my advice. There is definitely a place for UTM in the market, especially for midsize businesses looking for a way to add new security services to their infrastructure at the lowest possible cost. My point is to simply be wary of the potential drawbacks as well as advantages during the UTM technology evaluation process, or for that matter, when evaluating any network security technology.
For more information:
- Check out this screencast on how to configure a UTM device.
- Five considerations for securing a midmarket company: Read more.
Dig Deeper on UTM Appliances and Strategies
Related Q&A from Mike Chapple
Cloud compliance issues are no reason for enterprises not to move to the cloud. Expert Mike Chapple explains why, as well as what to keep in mind ...continue reading
The GAO reported on SEC cybersecurity weaknesses, even though the SEC regulates cybersecurity. Expert Mike Chapple discusses the effects of this ...continue reading
Enterprise compliance can be a burden to manage, which is where a PCI ISA can be helpful. Expert Mike Chapple explains how a PCI Internal Security ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.