The advantages of unified threat management

Lock on keyboard button
The big advantage is simplifying a complex business

Keeping IT infrastructure secure is a complex task and few small and midsized businesses can afford dedicated security specialists.

This goes a long way to explaining the popularity of unified threat management (UTM) appliances - single boxes which plug in to the company network to manage security. The market for UTMs has been expanding rapidly, with research house Gartner seeing 20.7% compound annual growth over the past four years.

Another reason for their popularity is that criminals are targeting smaller companies, says Lawrence Pingree, a Gartner analyst.

"Hackers have always targeted large enterprises but they generally have got good security defences," he says. "If they want to commit financial fraud or steal credit card details it is much easier for them to go after small and medium sized businesses which have no security staff."

So what exactly do UTMs offer? Key features include:

  • A corporate firewall to keep unwanted traffic off the company network.
  • Internet gateway security (which includes scanning incoming traffic for viruses, malware or malicious attachments and web address blacklisting).
  • A network intrusion prevention system (IPS) to prevent hackers attacking unpatched Windows PCs and servers.
  • Secure remote access, enabling employees to connect to the company network while out of the office.
  • The ability to update automatically with the latest security updates, anti-virus definitions and new features so that minimal manual intervention is required beyond initial set-up.

More advanced features may include: a web application firewall to protect the company website; secure wireless capabilities to enable guests to connect to the network; next generation firewall features, including the ability to control or prevent employee use of specific applications such as peer to peer programs.

Leading UTM vendors include Fortinet, Dell SonicWALL, Juniper Networks, Check Point Software Technologies, WatchGuard and Sophos.

Simplicity

The benefit of a UTM for smaller businesses is simplicity -a single purchase covers every security need, and all the security features can be controlled and configured from a single management console. Some UTMs offer a base level of security in the initial purchase price, and extra security services, such as an intrusion protection system (IPS), can be enabled for an additional licence fee.

"The alternative is for a company to seek out point solutions for each of these security needs, but as well as leading to complex licensing there is also the question of having to carry out multiple device configurations and making sure that it all works well together," says Pingree.

But he warns that UTMs don't always provide the same level of protection as point solutions. "The protection you can expect from the IPS built in to most UTMs is much improved in recent years, but a specialist vendor's IPS is still likely to be better."

But for many companies the choice is actually between having a UTM-based IPS or not having one at all, he points out, so this difference is largely academic.

Compliance requirements

This can be particularly important for companies that have to be in compliance with security regulations for the industry or sector in which they operate.

"You can certainly satisfy some compliance requirements with a UTM, like running an IPS, but don't forget that satisfying compliance requirements involves configuring the appliance properly," says Pingree. "It's not enough to have a specific security capability in a UTM you buy - you have to know how to turn it on and configure it."

That should be less of a problem for medium sized companies than those at the smaller end of the scale, according to John Grady, a security researcher at IDC.

"The more complex your IT architecture, the more likely you are to have an admin who can configure a UTM," he says. "But even for small companies that have don't have an IT person with security skills, it's still much easier to manage a single UTM than to try and manage point solutions separately."

If configuration is too much of an issue - especially for small companies that are growing quickly and changing their IT infrastructure regularly - then there is always the option to buy a UTM through a managed security service provider who will configure the appliance remotely.

TOPICS
Latest in Security
Data leak
Top home hardware firm data leak could see millions of customers affected
Representational image depecting cybersecurity protection
Third-party security issues could be the biggest threat facing your business
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Android Logo
Devious new Android malware uses a Microsoft tool to avoid being spotted
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware
Cl0p resurgence drives ransomware attacks to new highs in 2025
Latest in News
An image of Pro-Ject's Flatten it closed and opened
Pro-Ject’s new vinyl flattener will fix any warped LPs you inadvertently buy on Record Store Day
EA Sports F1 25 promotional image featuring drivers Oscar Piastri, Carlos Sainz and Oliver Bearman.
F1 25 has been officially announced, with this year's entry marking a return for Braking Point and a 'significant overhaul' for My Team mode
Garmin clippd integration
Garmin's golf watches just got a big software integration upgrade to help you improve your game
Robert Downey Jr reveals himself as Doctor Doom to a delighted crowd at San Diego Comic-Con 2024
Marvel is currently making a major announcement about Avengers: Doomsday's cast on YouTube, and I think it's going to be a long-winded reveal
Samsung QN90F on yellow background
Samsung announces US prices for its 2025 mini-LED TV lineup, and it’s good and bad news
Nintendo Switch Lite
Forget the Nintendo Switch 2, the original Switch is getting one last hurrah in a surprise Nintendo Direct tomorrow