UTM appliances: How to choose among UTM vendors
We're in talks with vendors about purchasing a UTM device, and are having trouble winnowing down the field. We'd like to do a trial run of a few of the products with our systems, but to do so would be time-consuming, and it's likely that features of the products would've changed by the time we've tested them all. How many products would you recommend actually testing on our networks, and what's the best way to decide which ones to test?
One thing to keep in mind when deciding among unififed threat management (UTM) vendors
is your existing network platform. For example, if the enterprise is already running Juniper products, it might be easier to first consider Juniper's UTM platform. This can not only make integration and migration a bit easier, but there may also be cost benefits to expanding a deal with an existing vendor.
But that does not mean the organization should immediately rule out other leaders in this space. Given that UTM appliances tend to be deployed across critical connectivity paths on a network, make sure any UTM product implemented has the ability to protect the network adequately.
A good approach would be to narrow down the field to three or four established network/security appliance vendors whose products meet all the key requirements and rank the vendors based on initial product overviews. The actual bakeoffs (in the interest of time) might be best limited to the top two of the four vendors initially selected. For example, a good initial test case could involve a bake-off between a couple of the following vendors: Check Point (VPN-1 platform), Juniper (SSG platform), Cisco (ASA platform) and SonicWall (NSA platform).
This was first published in July 2010