Suddenly IT security has got far more complex. After all, a few years ago we were mostly worrying about spam. Now we can’t be sure what is going to hit us next after recent outbreaks of phishing, pharming and spyware.
Just when you thought that the IT world had exhausted its supply of three letter acronyms, another comes along. The good news is that this one, unified threat management (UTM), can actually make IT managers´ easier.
UTM appliances consolidate a wide variety of gateway security functions. The pros and cons of doing this – or remaining with the traditional solution of having different security functions on dedicated appliances – have been debated widely. However, it seems that the market is already voting with its feet and choosing to test the benefits of the integrated option.
UTM made its debut a few years ago and there appears little doubt that it has already made its presence felt among enterprise customers. According to the research firm IDC, the total sales of UTM products are expected to grow to $3.5 billion in 2008. However, now it is beginning to filter through to small to medium-sized businesses keen to invest in flexible but exceptionally powerful protection.
A 2005 industry study documenting the attitudes of IT managers towards UTM showed that 50 per cent of those interviewed were ‘more’ or ‘much more’ interested in multi-function security appliances (or UTMs) compared to 12 months previously. More than 60 per cent were seriously considering using a security appliance for multiple functions and another 10 per cent planned to do so in the next 12 months.
So there can be little doubt that this kind of appliance is pervading the market. But what are the real benefits? Are UTM appliances just another way of security vendors selling more products or can they really offer a better defence against today’s changing threats? And, importantly, how do IT managers assess the products available to ensure that they invest wisely?
UTM appliances have several major benefits. The first is that they enable managers to protect their networks through a single administrative interface without the burden of running multiple servers. This means dealing with only one vendor if adjustments need to be made or for upgrading, for example. It also means that IT managers can look after all security functions themselves from this single interface and view integrated security reports. As a result, UTM appliances offer a lower cost of ownership than traditional solutions.
But they can also offer more comprehensive protection. Their modular nature means anti-spam, anti-virus can be added – and now some UTM appliances offer anti-spyware too. As spyware lives at the application layer, conventional packet-layer firewalls won’t prevent its entry. A more comprehensive, multi-layered approach is necessary to combat this unique threat. A UTM approach can prevent spyware from being installed, detect existing spyware when it attempts to contact its home base and block Web sites that are known to or are likely to have spyware.
The main issue for prospective buyers to consider is the level of protection needed. Even those who have already installed security appliances need to reconsider the type of defences they have at their perimeter as the type of firewall they need will be key to their decision. Firewalls that were considered adequate only a few years ago now offer an easy access point into networks and the applications they host.
The latest threats have been crafted to attack specific versions of critical software applications and to slip directly through older versions of firewalls that were purchased and deployed a number of years ago. Companies under threat (and, realistically, that means every company) should consider an ‘application level’ firewall that doesn’t allow any traffic to stream inside the network until it has been thoroughly examined for any malicious application attacks, viruses and worms.
Today’s threats can be just as devastating to a small business as they are to a large enterprise – perhaps even more so as most are working to tighter margins. A UTM appliance can give them the strongest possible security with less fuss, less work and less overhead.