point
The Smart Techie was renamed Siliconindia India Edition starting Feb 2012 to continue the nearly two decade track record of excellence of our US edition.

UTM: Simplifying the Overall Security Solution

Bhaskar Bakthavatsalu
Tuesday, December 1, 2009
Bhaskar Bakthavatsalu
Over the past couple years, the marquee threats of the past—denial-of-service attacks, viruses, worms—have been joined by an expanding array of newer culprits. The more recognizable ones include information leakage/theft, phishing, spam, spyware, and a growing number of targeted attacks. One possible response to this onslaught is to progressively roll out a corresponding set of countermeasures in the form of independent, single-function solutions, also known as point products. However, this causes the solution to directly mirror the diversity and complexity of the problem. Not surprisingly, evidence indicates that such an approach is not sustainable. Associated costs, such as operating a growing collection of tools, would continue to rise unchecked at the same time that threats inevitably find their ways through the gaps of this type of patchwork defense. It is expensive, inefficient, and ultimately ineffective.

Enter unified threat management (UTM) products. The goal of UTM is to simplify the overall security solution despite the growing scope and rising complexity of the security problem. The most apparent aspect of this simplification is the physical consolidation of point products into a single appliance; hence the term unified threat management. Unfortunately, some UTM products have little else to offer. Their level of simplification — not to mention security effectiveness — is significantly limited due to the relative lack of effort spent on other important characteristics and capabilities, including quality of individual security mechanisms, functional integration, and management unification. Although the concept and promise of UTM makes sense, not all UTM products have the same capability to make good on that promise.

Sprawl of the typical security solution
The problems associated with the information security problem should not be taken lightly. The trends for threats, vulnerabilities, and technology adoption dictate architecting a solution that provides comprehensive functional, logical, and physical coverage. In doing so, coordination of processes, procedures, and tools will be necessary. And comprehensive security means reducing the sprawl of security solutions that has cropped up over time.

Individual aspects of the security problem and the products introduced to address them emerged over many years. Firewalls and antivirus led to virtual private networking. Denial-of-service attacks and worms drove the need for intrusion prevention and vulnerability management systems. Soon came instant messaging, P2P file sharing, and a dramatic rise in spam. Now we are dealing with information leakage, phishing, and spyware.

Largely, it has been unavoidable that organizations would wind up with a security infrastructure composed of numerous, disparate, disconnected countermeasures. In recent years, organizations have come to understand that a patchwork approach is not only unsustainable, but it leads to disadvantages that include:

Share on Twitter
Share on LinkedIn
Share on facebook