This article can also be found in the Premium Editorial Download "Information Security magazine: Is your data safe from next-generation attackers?"
Special Feature: Be Prepared
If there's any argument that will resonate with large enterprise network managers, it's this one. UTM strategies can dramatically decrease the number of devices in a network, which has the immediate side effect of increasing overall reliability (with fewer devices to fail, the mean time between failures of the system increases), and decreasing management and debugging difficulty (with fewer devices, it's easier to find where a problem is).
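The reliability claim above rests on a simple model: in-line devices form a series system, and a series system fails whenever any one member fails. The following is an added worked example, not code from the article or any vendor; it assumes independent, exponentially distributed failures (so failure rates add) and uses constructed MTBF and MTTR figures rather than real product data.

```python
"""Series-reliability model for a chain of in-line security devices.

Added example with constructed figures. Every packet must traverse every
device, so the chain is down when any single device is down. Under the
independent-exponential assumption the combined failure rate is the sum
of the per-device failure rates, which is what series_mtbf() computes.
"""

HOURS_PER_YEAR = 8760


def series_mtbf(mtbfs):
    """MTBF of devices in series: rates add, so MTBF = 1 / sum(1 / MTBF_i)."""
    if not mtbfs:
        raise ValueError("need at least one device")
    return 1.0 / sum(1.0 / m for m in mtbfs)


def device_availability(mtbf, mttr):
    """Steady-state availability of one device: uptime / (uptime + repair)."""
    return mtbf / (mtbf + mttr)


def series_availability(mtbfs, mttr):
    """Availability of the whole chain: product of member availabilities."""
    total = 1.0
    for m in mtbfs:
        total *= device_availability(m, mttr)
    return total


def annual_downtime_hours(availability):
    """Expected unscheduled downtime per year for a given availability."""
    return (1.0 - availability) * HOURS_PER_YEAR


def compare(chain_mtbfs, utm_mtbf, mttr):
    """Metrics for a chain of point devices versus one consolidated device."""
    chain_avail = series_availability(chain_mtbfs, mttr)
    utm_avail = device_availability(utm_mtbf, mttr)
    return {
        "chain_mtbf_h": series_mtbf(chain_mtbfs),
        "utm_mtbf_h": utm_mtbf,
        "chain_availability": chain_avail,
        "utm_availability": utm_avail,
        "chain_downtime_h_per_year": annual_downtime_hours(chain_avail),
        "utm_downtime_h_per_year": annual_downtime_hours(utm_avail),
    }


if __name__ == "__main__":
    # Constructed per-device MTBF values in hours; these are illustrative,
    # not measurements of any real product.
    CHAIN = {
        "firewall": 50_000,
        "ips": 40_000,
        "av_gateway": 60_000,
        "web_proxy": 45_000,
        "spam_filter": 55_000,
    }
    UTM_MTBF = 50_000   # assumed MTBF of the single replacement device
    MTTR = 4            # assumed hours to restore service after a failure

    result = compare(list(CHAIN.values()), UTM_MTBF, MTTR)
    for key, value in result.items():
        print(f"{key:28s} {value:,.4f}")
```

The model makes the article's point quantitatively: five devices with comparable MTBF give the chain roughly one fifth the MTBF of any single member. It also shows the flip side a practitioner should keep in view: a single device with the same per-unit MTBF still fails, so the high-availability pairing the article mentions applies just as much to a consolidated device as to a stand-alone firewall.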
The physical network topology for a single-device solution is much simpler than any pre-UTM environment. In fact, integrating UTM devices can make some topologies easier to implement. While the plan for building a high-reliability firewall service (usually by sandwiching pairs of firewalls between pairs of load balancers) is well known, how these interact with a miscellaneous pile of threat mitigation devices is a different and more difficult planning question. With fewer devices in the picture, everything becomes less complex.
There are other complexities that can be ameliorated by use of UTM. For example, if a network has both a firewall and dedicated Web proxy, a goal of the network manager is to ensure all outgoing Web traffic goes through the proxy, and no unsupervised traffic moves through the firewall. This logical complexity, and the attendant risk of error or omission, is reduced if the Web proxy and firewall are
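The proxy-plus-firewall case is a policy-consistency problem: the firewall's rule set must allow Web egress only from the proxy host, and a single misplaced "allow" can silently reopen direct egress for clients. The following is an added example, not configuration from the article or any product. It is a first-match rule evaluator with a checker that flags such bypasses; the networks, proxy address and port, and destination addresses are constructed placeholders (RFC 1918 and documentation ranges).

```python
"""First-match egress policy evaluator and proxy-bypass checker.

Added, constructed example. Rules are (src_net, dst_net, dst_ports, action),
evaluated top-down; the first matching rule decides and an unmatched flow
is denied. The intent being checked: only the proxy may reach Web ports
directly, and every other internal host must be denied that path.
"""
import ipaddress

WEB_PORTS = {80, 443}
ANY = ipaddress.ip_network("0.0.0.0/0")

# Constructed placeholder addresses, not taken from any real deployment.
CLIENT_LAN = ipaddress.ip_network("10.1.0.0/16")
PROXY_HOST = ipaddress.ip_network("10.0.0.10/32")
PROXY_PORT = 3128
SAMPLE_DESTINATIONS = ["198.51.100.5", "203.0.113.40"]   # TEST-NET ranges


def build_rules(lan, proxy, proxy_port=PROXY_PORT):
    """Rule set that enforces proxy-only Web egress."""
    return [
        (lan, proxy, {proxy_port}, "allow"),   # clients may talk to the proxy
        (proxy, ANY, WEB_PORTS, "allow"),       # only the proxy reaches the Web
        (lan, ANY, WEB_PORTS, "deny"),          # clients are refused direct egress
    ]


GOOD_RULES = build_rules(CLIENT_LAN, PROXY_HOST)

# A "quick fix" inserted ahead of the deny: the kind of omission the text
# warns about. It reopens direct HTTPS egress for every client.
WEAK_RULES = [(CLIENT_LAN, ANY, {443}, "allow")] + GOOD_RULES


def evaluate(rules, src, dst, port):
    """Return the action of the first rule matching (src, dst, port)."""
    src_ip = ipaddress.ip_address(src)
    dst_ip = ipaddress.ip_address(dst)
    for src_net, dst_net, ports, action in rules:
        if src_ip in src_net and dst_ip in dst_net and port in ports:
            return action
    return "deny"  # implicit default deny at the end of the chain


def find_bypasses(rules, clients, destinations, proxy):
    """List (client, destination, port) flows that reach a Web port directly
    from a host other than the proxy. An empty list means the policy holds."""
    hits = []
    for client in clients:
        if ipaddress.ip_address(client) in proxy:
            continue
        for dst in destinations:
            for port in sorted(WEB_PORTS):
                if evaluate(rules, client, dst, port) == "allow":
                    hits.append((client, dst, port))
    return hits


if __name__ == "__main__":
    clients = ["10.1.2.3", "10.1.200.7"]
    print("good rules:", find_bypasses(GOOD_RULES, clients, SAMPLE_DESTINATIONS, PROXY_HOST))
    print("weak rules:", find_bypasses(WEAK_RULES, clients, SAMPLE_DESTINATIONS, PROXY_HOST))
```

The checker tests intent rather than syntax: it asks whether any non-proxy client can reach a Web port, which is the property the network manager actually cares about. Running it against every rule-set change is a cheap way to keep the proxy and firewall policies from drifting apart, and when the two functions live in one device the same check still applies to that device's combined policy.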
If adding UTM features to your network will help you to reduce or at least constrain complexity, then this is a strong argument in favor of UTM. If network complexity doesn't change much, you may have to find a different justification.
This was first published in June 2006