Unified Threat Management Guide for Managers


This article can also be found in the Premium Editorial Download "Information Security magazine: Is your data safe from next-generation attackers?."

Download it now to read this article plus other related content.

Special Feature

Be Prepared
By Joel Snyder

Vendors are talking about unified threat management, but is it right for you? We'll dissect the five arguments in favor of UTM.

It makes sense in theory: Combining security functionality--such as antivirus, intrusion detection and firewall--into one appliance gives infosecurity professionals a security Swiss Army knife of sorts.

In reality, however, unified threat management is not defined by what is in the appliance, but by your reason for wanting to put more than one function in a single device. There are five main arguments in favor of UTM: It provides for consolidation, thereby reducing costs; it improves performance; it reduces complexity; it simplifies management; and it increases flexibility.

By understanding the merits of these arguments, you'll have a better idea of whether UTM is right for your network.

Current UTM devices pick from a menu of more than a dozen options including network firewalls, application and XML firewalls, site-to-site and remote access VPNs, antivirus and antispyware, antispam and antiphishing, bandwidth management, intrusion prevention and detection, application control, content filtering, and Web proxy.

In other words, UTM has come to mean "a security feature we added to our firewall/ VPN device." In short, there are no firewall vendors who don't want to count themselves

    Requires Free Membership to View

in the UTM space.

What does this mean for you? The question isn't whether you should be buying a UTM firewall, but rather, should you be using UTM features? If you're buying a firewall, you're getting a UTM device.

The UTM question is further confounded by an interest from high-end firewall vendors to push UTM into enterprise networks. Until recently, the easiest place to implement a UTM firewall was in an SMB network. It is a simple proposition: UTM firewalls often add security features that the network didn't have. Going from no gateway antivirus to a UTM gateway antivirus isn't a hard decision to make. Adding another layer of protection is no guarantee, but when it's a matter of checking the "Enable Antivirus" box and paying a subscription fee, the cost/ benefit ratio usually encourages SMB users to turn on these extra features.

However, in a more sophisticated enterprise network, you'll find multiple threat management devices, ranging from e-mail firewalls to IPS devices and Web proxy servers, already in place. Here, UTM raises a more difficult question: Should I use the UTM features of the firewalls, or should I continue with point solutions to solve my problem?

To answer this key question, we'll give you the metrics you can use to map these to your own network.

This was first published in June 2006

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: