UTM: Ten Questions Before you Buy

Unified Threat Management appliances are the fastest growing segment of the security market.


You Can't Detect What You Can't See: Illuminating the Entire Kill Chain

On-Demand Webinar

(Page 1 of 3)

The notion of combining the various security devices to protect your network isn't new, but lately the market has become more competitive with the entry of CheckPoint Software's UTM-1 product. UTM stands for unified threat management, and the idea has a lot of appeal – combine firewall, intrusion detection and prevention, and virtual private networks (VPNs) inside a single piece of hardware. Then wrap around some management software so that a security manager can have a single view of what is attacking your network.

According to IDC, UTMs are the fastest growing segment of the security appliance market and by next year they will even outsell firewalls and VPNs. But finding the right UTM appliance will take some careful research and testing. Here are some questions to get you started down the right path, along with the leading products that satisfy each criteria.

1. Do you need protection for remote offices that don't have local IT staff?

If your remote offices have grown beyond a home office and require something more sophisticated to handle a network, then the UTM products have a lot of appeal: you can manage them remotely, often with just a Web browser.

2. How many security services do you want to consolidate into one box?

Most UTM products come with support for at least five different security services: firewall, intrusion detection and prevention, virtual private network (VPN), anti-virus and anti-spyware email scanning. Some add additional protection features, such as Web applications firewalls, outbound attack scans, and Web content filtering modules. You probably don't need to activate all the modules at the beginning, and some are probably more important to you than others. You also might not wish to replace existing firewall or VPN services on your headquarters network, but want these services deployed on branch office networks.

Figuring out which security services to start off with is also important for two reasons. First, the active services determine how much you pay. Each vendor licenses the separate modules with a complex price sheet, and if you don't need anti-virus, for example, there is no sense in paying extra for it. Second, the more services you enable, the less performance you get out of your box, so turning off the ones you don't need can have a big impact.

3. Are you satisfied with you current virtual private network?

The UTM boxes work best with setting up site-to-site VPN connections to encrypt traffic over the Internet from your headquarters to branch offices. Some of them, such as Astaro, Checkpoint, and Fortinet, also include rudimentary Secure Sockets Layer (SSL) VPNs that are useful for connecting remote users too. While these SSL VPNs aren't as feature-rich as dedicated VPN appliances from Juniper, Aventail and F5 Networks, they can be a good place to start to deploy SSL VPNs and get an understanding of what they offer.

Page 1 of 3

1 2 3
Next Page

0 Comments (click to add your comment)
Comment and Contribute


(Maximum characters: 1200). You have characters left.



IT Management Daily
Don't miss an article. Subscribe to our newsletter below.

By submitting your information, you agree that datamation.com may send you Datamation offers via email, phone and text message, as well as email offers about other products and services that Datamation believes may be of interest to you. Datamation will process your information in accordance with the Quinstreet Privacy Policy.