This article can also be found in the Premium Editorial Download "Information Security magazine: Is your data safe from next-generation attackers?."
Download it now to read this article plus other related content.
Case Study: UTM Boosts Hospital's Immunity
Marsh and Conrad credit Fortinet with helping them roll a variety of security tools into one UTM system. They've deployed two FortiGate-800 enterprise-class systems--one inside the headquarters' core data center, where it runs AV and scans all Internet traffic; the other inside one of the hospitals, where it's used for intrusion detection and prevention and security policy enforcement.
The FortiGate systems also receive automatic antivirus signature and Web content filtering updates. Marsh and Conrad say the product has helped them protect data in a way that is essential to their HIPAA compliance.
But they were not looking for a UTM appliance, per se. They simply wanted an extra tool to scan Web traffic and block spyware and other suspicious content. They looked at products of all stripes, including Trend Micro's InterScan VirusWall and CyberGuard's Webwasher, but determined that those products were more expensive and complex than they wanted.
"With InterScan VirusWall, you had to buy software, a big server and licenses for however many users you needed it for," Marsh says. "I liked Webwasher, but there was an issue with how it charged per seat."
They found the simplicity and cost-effectiveness they were looking for in a UTM appliance from Fortinet. And while they're only using it for the Web filtering, Marsh said the extra features found are a bonus because they give the Caritas
One of the reasons Marsh and Conrad chose the Fortinet platform is because it allows them to get the biggest bang out of their open-source tools. "The whole device is based on open source," Marsh says. "It took open-source tools, improved them and put them into a box that makes everything work more efficiently.... We use Snort and other custom tools for IDS. What's great about it is that we can load it onto some older hardware, and it allows you to be smart with the budget you have. And it just works well."
Not that it's perfect: Snort requires some "babying," especially when it comes to separating true security events from normal network noise, says Marsh.
In the end, "Our philosophy is that if you can go with open source, if it works better than some of the other things out there, you go with it," Conrad says.
This was first published in June 2006