Tip

Unified threat management: The next level of network security

A new product category called unified threat management (UTM) has emerged. These devices promise integration, convenience and protection from pretty much every threat out there -- and are

    Requires Free Membership to View

especially valuable to small and medium-sized businesses (SMBs).

Evolution of UTM

The network security business has evolved rather incrementally over the years, largely driven by threats -- as opposed to thoughtful architecture. First there was the token authenticator, designed to protect all of those crazy employees dialing up into a remote-access environment.

Then as direct connections to the Internet hit widespread deployment in the mid-90s, there was a need to protect those connections with firewalls. But firewalls were rather unsophisticated devices, so products that could detect an attack pattern (intrusion detection) came into vogue. Subsequently we've seen gateway antivirus, antispam, Web content filtering, anomaly detection, Web application firewalls and a host of other new products emerge to stop very specific threats.

SMB technologists are sick of it. All of these products have different management consoles, none work together, and most are marginally effective. SMBs don't have extra people or dollars lying around to maintain the status quo.

Adoption decisions

So should you turn off your existing equipment and move to these new platforms? Yes. Your choices are pretty straightforward: continue to renew the maintenance on your existing device(s), or buy something new. Given the competitive nature of the UTM market, out-of-pocket costs may be comparable to upgrading to a new device.

Even a 15-25% increase in year-one cost for a new box is worth it. You'll save at least that much time in not having to troubleshoot different equipment when you have a problem, and your protection will be broader.

Vendor offerings

UTM was pioneered by Sunnyvale, Calif.-based Fortinet Inc. and SonicWall Inc., and Burlington, Mass.-based Astaro Corp., but most security vendors offer UTM devices now. Each vendor has strengths and weaknesses. Some are built using mostly open source software; others have proprietary chips to get the job done. Given where the market is now, you should strongly consider your incumbent network security provider. In all likelihood it also offers a UTM device, and you are already familiar with the vendor and the management interface.

At a minimum, you should kick the tires of at least one or two other devices. Only by getting hands-on with a few boxes will you figure out what is the best fit for your environment. But for SMB customers, UTM is the shape of things to come.

Mike Rothman is president and principal analyst of Security Incite, an industry analyst firm in Atlanta. Reach him via email at mike.rothman (at) securityincite (dot) com.


This was first published in July 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.