Unified threat management: The next level of network security

Unified threat management is quickly becoming a must-have tool for SMBs. Security specialist Mike Rothman explains what it is and why you need it.

This Content Component encountered an error

A new product category called unified threat management (UTM) has emerged. These devices promise integration, convenience and protection from pretty much every threat out there -- and are especially valuable to small and medium-sized businesses (SMBs).

Evolution of UTM

The network security business has evolved rather incrementally over the years, largely driven by threats -- as opposed to thoughtful architecture. First there was the token authenticator, designed to protect all of those crazy employees dialing up into a remote-access environment.

Then as direct connections to the Internet hit widespread deployment in the mid-90s, there was a need to protect those connections with firewalls. But firewalls were rather unsophisticated devices, so products that could detect an attack pattern (intrusion detection) came into vogue. Subsequently we've seen gateway antivirus, antispam, Web content filtering, anomaly detection, Web application firewalls and a host of other new products emerge to stop very specific threats.

SMB technologists are sick of it. All of these products have different management consoles, none work together, and most are marginally effective. SMBs don't have extra people or dollars lying around to maintain the status quo.

Adoption decisions

So should you turn off your existing equipment and move to these new platforms? Yes. Your choices are pretty straightforward: continue to renew the maintenance on your existing device(s), or buy something new. Given the competitive nature of the UTM market, out-of-pocket costs may be comparable to upgrading to a new device.

Even a 15-25% increase in year-one cost for a new box is worth it. You'll save at least that much time in not having to troubleshoot different equipment when you have a problem, and your protection will be broader.

Vendor offerings

UTM was pioneered by Sunnyvale, Calif.-based Fortinet Inc. and SonicWall Inc., and Burlington, Mass.-based Astaro Corp., but most security vendors offer UTM devices now. Each vendor has strengths and weaknesses. Some are built using mostly open source software; others have proprietary chips to get the job done. Given where the market is now, you should strongly consider your incumbent network security provider. In all likelihood it also offers a UTM device, and you are already familiar with the vendor and the management interface.

At a minimum, you should kick the tires of at least one or two other devices. Only by getting hands-on with a few boxes will you figure out what is the best fit for your environment. But for SMB customers, UTM is the shape of things to come.

Mike Rothman is president and principal analyst of Security Incite, an industry analyst firm in Atlanta. Reach him via email at mike.rothman (at) securityincite (dot) com.


This was first published in July 2006

Dig deeper on Security and risk management for Small Business

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchCompliance

SearchHealthIT

SearchCloudComputing

SearchMobileComputing

SearchDataCenter

Close