UTM Device Ratings
Friday, June 12, 2009 5:01As I have discussed in a previous article on UTM devices, the need for such devices came about because securing a network became more complicated. This resulted in the number of security devices needed to protect the network also increasing. Instead of just a firewall, now intrusion detection, anti-virus protection, content filtering, and a variety of other resources were needed to adequately protect the network. Along with the different devices came different interfaces to manage the technology which was difficult for small business to manage without having a number of staff knowledgeable in the different types of technology. Since most small businesses cannot afford to hire additional staff, the UTM devices allowed less staff to manage and maintain them.
Since the last time I wrote about UTM devices, I came across an InfoWorld article covering the results of tests on four vendors’ UTM devices. The vendors were Astaro, Sonicwall, Watchguard, and Zyxel. Additional vendors were invited, but only these four vendors submitted products for testing. All vendors that submitted devices had at least firewall, VPN, intrusion detection, intrusion prevention, malware, spam, and content filtering protection built into their device. Beyond these capabilities, all vendors had a range of other security protection built into their device.
Testing Results
All four units were tested against a wide range of known vulnerabilities resulting in almost 600 attacks being used against each device. Malware testing resulted in the Sonicwall NSA blocking 96 percent of the attacks, Zyxel Zywall blocking 69 percent of the attacks with Watchguard Firebox Peak blocking only 33 percent of the attacks and the Astaro ASG425 only blocking 26 percent of the attacks. Why such a difference? The testers suspected that it was due to the lack of processing power since deep packet inspections require a lot of processing power to be effective. It then is not surprising that most of the UTM devices also suffered in their data throughput capabilities when the malware testing was conducted. The Watchguard took a 45 percent hit in throughput while the Zyxel took a 36 percent hit. The Sonicwall had 23 percent decline in throughput with the Astaro only declining 2 percent. Again, the Astaro blocked the fewest of the malware attacks so it suffered the least decline in throughput. One positive note on throughput is that the testers noted that unless you are running your WAN link at gigabyte speed you may never notice the decline in throughput.
The testing did not define a clear winner so you will, as in most security issues, have to base it on your own business needs.
- If purchase price is the primary issue, then the Zyxel device would probably be the best fit. At $3,399, as tested, the Zyxel Zywall is an economical choice for those protecting a less demanding network.
- If your main concern is having the best security right out of the box, the Watchguard Firebox Peak maybe the best for your situation. At $9,299, as tested, along with the most throughput when tested under load, this may be a good fit for your business.
- If you want the largest number of security functions, then the Astaro ASG425 may fit your needs. The Astaro was priced at $18,565 which is pricey when looking at the attack protection and throughput issues, but it does have the greatest range of security options of those tested.
- For those businesses that need the best combination of security and throughput, then the Sonicwall NSA appears to be a good fit. At a price of $38,990 when tested, it was the best at protecting against the tested attacks and was only a little behind the Watchguard device when tested on throughput and attacks at the same time.
As always, look at what your security needs are and make the best pick based on the cost, security features and your security needs. For additional information, read the the full article here .
Related posts: