Keeping a business’s computers secure is a complicated job. It involves firewalls, security software, spam filtering, router configuration, VPNs, and more. What if you could put it all together and have one security product that covered all the bases? That’s what unified threat management (UTM) offers.
UTM can come in a hardware appliance or a software package. A UTM appliance is typically a router and firewall in one box, with additional functions to handle all aspects of security. UTM software provides a suite of applications which the administrator can manage through a console. Some cloud UTM services are available, though they aren’t common yet.
UTM devices are most often found in the small to medium business (SMB) market, but they’ve been expanding into both home offices and larger enterprises. Vendors offer a range of products for different network sizes.
Advantages
The big advantage of the UTM approach is simplicity. Instead of having to manage security on multiple devices and use an assortment of security software, the administrator gets everything in one package. Installation is simple, and there’s a single source for upgrading the software or firmware. Support is simpler, for the same reason. UTM can save money compared with buying separate devices and software.
A UTM device can make it easier to step into the world of IPv6, the new version of the Internet Protocol which is gradually replacing the address-starved IPv4. A network’s ability to support the protocol is no better than its weakest link, so any device or software that doesn’t work well with it can cause problems. A UTM appliance with strong support for the protocol will simplify the upgrade process.
Features
A UTM box generally offers the following features:
- Firewall. This is the traditional firewall feature, controlling what types of packets and requests can come through.
- Intrusion prevention. Closely related to the firewall function, this examines incoming requests and blocks any with malicious patterns or statistical anomalies (e.g., DDoS attacks).
- Security software. The UTM scans files and applications for suspicious patterns, disables them, and issues a warning.
- Virtual Private Network. Most UTM devices include VPN capability to let users access the local network from remote locations.
- Email filtering. It examines incoming email for indications of spam and blocks or quarantines them.
Disadvantages
UTM isn’t for everyone. You’re dealing with a generalist instead of a lot of specialists. This means there’s a single point of failure. If the product doesn’t deal with a particular threat, nothing else does. An attacker who figures out how to get around it doesn’t have to worry about what other defenses might be present. If the device fails, the network is down till it’s replaced. Swapping in a normal router as a temporary measure would leave the network seriously insecure.
Performance can be an issue. Some UTM appliances impose heavy overhead on their networks. If a business gets an appliance with less processing power than its network needs, all its network activities could slow down.
The all-in-one approach constrains your choices. If you prefer a different VPN, for example, then you have to pay for both and make sure the UTM doesn’t interfere with the VPN you choose.
Replacing existing security measures with a UTM box requires serious confidence that the UTM will do the job. When a company knows that the combination of features that it uses work reasonably well, letting a new appliance take over their job involves some risk. A business with very strong security requirements is better off with a tailored approach.
Where simplicity in purchasing and administration are important, UTM can be a good choice for managing security. Please contact BWS Technologies if you’re looking for the best security approach for your business.
