Essential Guide

Enterprise firewall protection: Where it stands, where it's headed

A comprehensive collection of articles, videos and more, hand-picked by our editors
Q

UTM devices: Efficient security or a firewall failure risk?

UTM devices provide more protection than a simple firewall, but do they increase the risk of an enterprise firewall failure?

One of our vendors recently released an upgraded firewall that includes intrusion prevention system (IPS) and integrated application control, among other functions. Do you think adding multiple types of technical capabilities to a single appliance increases the likelihood of a failure of some kind, and if so, does it require rethinking redundancy and failover requirements for these "next-generation" firewall appliances?

Ask the expert

Got a vexing problem for Mike Chapple or any of our other experts? Ask your enterprise-specific questions today! (All questions are anonymous.)

The devices you’re referring to are commonly known as unified threat management  (UTM) devices. At their most basic level, UTM devices are firewalls, but they’re equipped with other security features that may include intrusion detection and prevention capability, content filtering, virtual private networking (VPN), antivirus or antimalware capabilities, data loss prevention (DLP) and vulnerability management.

Personally, I wouldn’t worry about increasing the possibility of a failure.  A firewall is such a critical component of your infrastructure that fault tolerance shouldn’t be considered optional. Your network should be designed to be resilient enough to handle the failure of a single firewall, be it a dedicated firewall or a UTM.

More on UTMs

Information Security magazine: Unified threat management devices for the enterprise
UTMs aren’t just for SMBs anymore. Read Joel Snyder's four requirements for enterprise-grade UTM.

What most concerns with a UTM device is the amount of processing power you can pack into a single appliance.  If you’re in a large enterprise, you’ll probably find you’re better off with special purpose devices fulfilling each of the security functions covered by a UTM. Conversely, UTMs are a great benefit for small enterprises with low network throughput, especially in cases where the organization would not be able to afford the full suite of services offered by the UTM without the bundled discount.

For more on UTM’s role, see my tip on the topic: UTM features: Is a UTM right for your layered defense?

This was first published in April 2012

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Essential Guide

Enterprise firewall protection: Where it stands, where it's headed

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close