Unified Threat Management–Do I Need It?
Friday, May 22, 2009 15:53
First we can not talk about something if we do not know what it is so let’s define this term of “Unified Threat Management”. Unified Threat Management (UTM) basically is a firewall that has a variety of features and capabilities beyond just a firewall. It is a device that can include such features as intrusion detection, intrusion prevention, anti-virus, spam filtering, content filtering, instant messaging security and other similar types of features. Please note that this is not a complete list of features because these devices are continually changing, and different features are offered by different vendors.
As I have talked about in previous posts, no matter what type of security you implement for your business, a layered approach is needed. Again, all this means is that you do not depend on just one security device or measure to protect your business. With a layered approach, you have more than one security measure in place so if one fails or is defeated, one of the other layers of security is still there to protect you. The principle of layered security should be used for physical as well as computer security issues. A UTM device is basically multiple security devices wrapped into one which gives you the layered security approach.
The advantage for the small and medium-sized business is that the many features of the UTM device allow you to protect your business against a variety of threats. Also, there is just one device to become knowledgeable about and to configure. Compatibility issues between multiple devices should be reduced since the different features of the UTM are set to run on one device and to work together. The downside of UTM devices is that if the device fails, you may not have any security for your network unlike if you have multiple security devices. With multiple devices, if the anti-virus device goes down, you still have the firewall and intrusion detection devices to help protect your network. The advantages for the small and medium-size business still make this a device that I would look at to protect my business beyond just a basic firewall or secure router.
There is a number of vendors with UTM devices on the market, and I would suspect the list will get longer in time. When selecting a UTM device for your business, there are a some steps you should take:
- Determine what your security needs are and what features you want and need.
- Investigate vendors and the ratings or reviews on their UTM devices. Here is a link to ratings including pricing on about a dozen UTM devices. UTM Ratings at Networkworld.com
- After narrowing down the choices to a few, look at or contact other companies that use the device and get their input. This is really important since most small and medium-sized businesses do not have adequate resources to test products in-house before buying.
- If you do have the capabilities, test your top couple of choices in a lab environment.
- Look at cost versus features. Cost is always a factor but don’t skimp on necessary features just to save a few dollars.
When selecting a UTM device, keep in mind some important features. Centralized management of the many functions of the device is one feature of the UTM that I would recommend. It is a pain to have separate consoles to configure each function or feature of the device. As in any business you deal with, you want good customer service and vendor support. Another feature you may want is Security Information and Event Management (SEIM) which allows the device to gather and analyze security log data from different systems and have it available in one location for review.
In conclusion, always use a layered security approach when protecting your network. A UTM device cannot guarantee security of your network but with the right device and features you can improve the security of your network without having to manage a variety of devices. UTM devices are just one of the many layers you can use to protect your network. Security requires many elements so take a look at UTM devices and see if they may be one of the elements of security that can benefit your small or medium sized business.
Related posts: