The term Unified Threat Management (UTM) was first coined back in 2004 by an IDC analyst in a report entitled “The Rise of the Unified Threat Management Security Appliance”.
But the concept met with a fair bit of resistance due to a variety of reasons, the chief of which was the belief that such an appliance would load the network and destabilise the IT systems of enterprises.
However, the rise of security breaches, especially in the interconnected enterprise world, has compelled many companies to reconsider UTM as a practical solution for meeting their security needs.
According to Judy Wu, Research Manager of Infrastructure Software Research, IDC Asia Pacific, there are many players doing the same things with UTM.
“UTM security appliance products include multiple security features integrated into one box. To be included in this category, as opposed to other segments, the appliance must be able to perform network fire-walling, network intrusion detection and prevention and gateway anti-virus,” says Wu, adding that not all of the capabilities in the appliance need to be utilised, but nevertheless the functions must still be available in the appliance. In these products, the individual components should not be separated.
Leading UTM player Fortinet sees UTM as the aggregation of seven key security functions. Eryin Halmen, Country Manager of Malaysia and Brunei, Fortinet, says this includes firewall, anti-virus, intrusion detection and prevention, IPSec Virtual Private Network (VPN), web content filtering, spyware prevention, and anti-spam—integrated into a single hardware platform.
Kevin Lai, Security Sales Specialist (Asia), Cisco Systems, says UTM is a multi-faceted solution combining multiple security technologies to defend an organisation’s network.
“UTM typically combines multiple threat-mitigation techniques such as firewall, antivirus, and intrusion-prevention-system technologies into a single defense system to ensure broader attack analysis and automated defense,” says Lai.
All About Information
Underlying the need for such an appliance in the enterprise world is the need to vigilantly guard what is arguably the most important asset any enterprise has—information.
Cisco’s Lai says that today, an evolution is occurring in the security landscape that is sitting at the convergence of security and networking. Businesses, he explains, are increasingly mobile, extended, and operating in collaboration with partners, vendors, and customers.
“In this environment, they must manage risk by protecting data at rest and in motion, maintaining regulatory compliance, and protecting themselves from both internal and external threats,” says Lai, who believes that as long as security threats continue to exist, there will be a need for a comprehensive UTM solution. “As more and more networking technologies are deployed, the vulnerability potential for networks increases. In this light, enterprises are turning to unified security offerings that enable them to integrate a broad range of threat-mitigation techniques on a common platform.”
Covers Simply…
IDC’s Wu says another reason for UTM’s rising popularity in the region is its all-in-one and easy-to-use approach. She notes that integrating all security features in one device provides a baseline protection for organisations.
“On top of that, ease of management saves IT staff tremendous management overheads, which is ideal for small and medium enterprises [SMEs] or remote branch offices,” says Wu. “Vendors are also moving to high-end UTMs where the scalability and performance are enhanced to accommodate large enterprise environments.”
Fortinet’s Halmen believes there is a lot of potential in the IT security solutions market, as the top concern among enterprises in the current business environment is the prioritising of security technology. In fact, Halmen argues that by deploying a comprehensive UTM system offers many benefits.
“By deploying UTM, enterprises are able to provide comprehensive security services including being protected against current blended threats, which require more than just basic firewall features to be able to stop viruses, Trojans, all manner of threats and even some nuisances such as spam, at the gateway to the network,” says Halmen, who goes on to note that in comparison with proprietary products, UTM devices offer a relatively easy learning curve, a single interface, and can be maintained and managed easily.
…Everything
With UTM solutions, valuable resources such as IT investments and manpower, as well as time can be freed up to do other tasks, Halmen says. “UTM solutions are frequently more affordable than point solutions, not only because there are fewer systems to purchase, but also from operating system costs and per-seat licensing costs.”
Cisco’s Lai concurs, noting that it is also important to understand that UTM not only provides a solid defence against security threats, but also reduces deployment and operating costs.
“When multiple security services are integrated into a single device, there is no longer a need for multiple boxes,” Lai says. “In addition, on the operations side, which typically lends to a bigger portion of the overall deployment expense, unified security becomes much easier and less costly to manage compared to standalone devices that possess their own management interface, training requirements, and logistics.”
Lai also says unified security provides seamless transition from legacy systems and makes it possible to administer an integrated policy system. “This in turn minimises training requirements, boosts productivity, and reduces the likelihood of policy-related errors that could compromise security,’ Lai says.
How To
Notwithstanding the argument that there is merit in deploying UTM solutions, how exactly should enterprises go about doing so?
According to Lai, a UTM solution should include an integrated and collaborative security framework that offers best-of-breed defence on a holistic level to protect organisations from attacks throughout the enterprise.
“It should also provide organisations a sizable breadth of services—one encompassing a firewall, antivirus protection, intrusion prevention, and virtual private network (VPN) connectivity, perhaps—as well as significant depth in order to ensure a robust unified security system,” Lai says. “This should include an in-depth network and endpoint security, content security, application security and system management and control. These capabilities allow businesses to protect critical assets, enforce business policies, and reduce security compliance and IT risks, with less administrative burden and a lower total cost of ownership.”
Lai adds that in the SME space, which might have a smaller network setup, integrated security features should be built into routers and switches to provide an accepted level of security suitable for the SME environment. “Organisations would typically have a single perimeter network as opposed to a host of machines,” he says. “An SME UTM customer would deploy integrated services routers (ISR) with advance security, firewall, IPS, VPN and content security feature sets.”
Fortinet’s Halmen tells us that for an enterprise to consider UTM, three questions must be answered. They are:
• Is an organisation currently deploying security appliances from a diverse group of security providers? If so, consider implementing UTM solutions for its cost effectiveness, easy learning curve, as well as its simplicity to maintain and manage.
• Do a company’s remote offices require network protection? If so, the UTM approach matches your requirements as it can be managed remotely.
• What security services are you planning to consolidate? Consider deploying UTM platforms if your company is looking for a more comprehensive network security protection.
IDC’s Wu expects the growth in demand for UTM will continue to pick up as it provides easy to use and baseline protection that typically most enterprises need. “SMEs will continue to purchase UTM solutions, especially if they do not have enough IT staff to manage the environment. Large enterprises will look to high-end UTM solutions that support their infrastructure,” she says.
