UTM: Simplifying the Overall Security Solution

Date: Tuesday, December 01, 2009

Over the past couple of years, the marquee threats of the past—denial-of-service attacks, viruses, worms—have been joined by an expanding array of newer culprits. The more recognizable ones include information leakage/theft, phishing, spam, spyware, and a growing number of targeted attacks. One possible response to this onslaught is to progressively roll out a corresponding set of countermeasures in the form of independent, single-function solutions, also known as point products. However, this causes the solution to directly mirror the diversity and complexity of the problem. Not surprisingly, evidence indicates that such an approach is not sustainable. Associated costs, such as operating a growing collection of tools, would continue to rise unchecked at the same time that threats inevitably find their way through the gaps of this type of patchwork defense. It is expensive, inefficient, and ultimately ineffective.

Enter unified threat management (UTM) products. The goal of UTM is to simplify the overall security solution despite the growing scope and rising complexity of the security problem. The most apparent aspect of this simplification is the physical consolidation of point products into a single appliance; hence the term unified threat management. Unfortunately, some UTM products have little else to offer. Their level of simplification — not to mention security effectiveness — is significantly limited due to the relative lack of effort spent on other important characteristics and capabilities, including quality of individual security mechanisms, functional integration, and management unification. Although the concept and promise of UTM make sense, not all UTM products have the same capability to make good on that promise.

Sprawl of the typical security solution
The information security problem should not be taken lightly. The trends for threats, vulnerabilities, and technology adoption dictate architecting a solution that provides comprehensive functional, logical, and physical coverage. In doing so, coordination of processes, procedures, and tools will be necessary. And comprehensive security means reducing the sprawl of security solutions that has cropped up over time.

Individual aspects of the security problem and the products introduced to address them emerged over many years. Firewalls and antivirus led to virtual private networking. Denial-of-service attacks and worms drove the need for intrusion prevention and vulnerability management systems. Soon came instant messaging, P2P file sharing, and a dramatic rise in spam. Now we are dealing with information leakage, phishing, and spyware.

Largely, it has been unavoidable that organizations would wind up with a security infrastructure composed of numerous, disparate, disconnected countermeasures. In recent years, organizations have come to understand that a patchwork approach is not only unsustainable, but it leads to disadvantages that include:

* High capital costs—each security issue requires a separate, expensive IT project
* Runaway operating expenses—all security products and systems must be operated and maintained individually, but still coordinated in some fashion
* Incomplete and/or ineffective coverage—organizations will forgo a product with unique capabilities if it overlaps significantly with its installed base, leaving network security gaps. And since products are configured separately, conflicting or incomplete rule sets can occur due to false assumptions about which products treat which threats

As a result, most organizations now realize that when they build a comprehensive security solution they must emphasize simplicity in the infrastructure and its management.

(Check Point, worldwide leader in securing the Internet, is the vendor to deliver Total Security for networks, data and endpoints, unified under a single management framework. Check Point provides customers protection against all types of threats, reduces security complexity and lowers total cost of ownership. Check Point first pioneered the industry with FireWall-1 and its patented stateful inspection technology. Today, Check Point continues to innovate with the development of the Software Blade architecture. The dynamic Software Blade architecture delivers secure, flexible and simple solutions that can be fully customized to meet the exact security needs of any organization or environment. Check Point customers include tens of thousands of businesses and organizations of all sizes including all Fortune 100 companies. Check Point’s award-winning ZoneAlarm solutions protect millions of consumers from hackers, spyware and identity theft.)

The author is Regional Director, Check Point Software Technologies, India & SAARC