UTM: A Unified Approach to Security
Date: Wednesday, December 03, 2008
These varied solutions can be integrated to leverage one’s security measures, but security experts agree that a single weak link in security can compromise an entire security implementation. Therefore, what organizations require today is a unified approach that not only protects their networks and business users from blended attacks and technology misuse but is also equally cost effective. This ever-changing landscape of security threats has created a demand for Unified Threat Management (UTM) appliances.
What is UTM?
The term UTM was coined by IDC about five years ago. Typically, UTM is used to describe network firewalls that have many features in one box, including e-mail spam filtering, anti-virus capability, an intrusion detection or prevention system (IDS or IPS), and Web content filtering, along with the traditional activities of a firewall. These are application layer firewalls that use proxies to process and forward all incoming traffic, though they can still frequently work in a transparent mode that disguises this fact.
Advantages of UTM
For some years, businesses were inclined towards software-based point solutions, but the rapid rise in blended threats, combined with widespread access to information, has greatly contributed to a need for the flexible, highly integrated functionality that UTM delivers, especially in small organizations where there is always a shortage of technical staff. Some of the areas where UTM scores over software or point solutions are:
Reduced Complexity: The all in one approach simplifies product selection, integration and ongoing support.
Easy to Deploy: Customers or more often VARs and VADs can easily install and maintain the products. Nowadays, this process is handled remotely.
Synergies with high-end software solutions: Appliances are used in remote sites where an enterprise does not have security professionals on the ground. A plug and play appliance like VPN can be installed and managed remotely. This management is synergic with large centralized software based firewalls.
Low operator interaction: Users generally have a tendency to fiddle around with things, and the black box approach limits the damage users can cause. This significantly reduces trouble calls and improves security.
Troubleshooting with ease: When an appliance fails, it is easier to simply swap the appliance than to troubleshoot it. This allows the business to be back online quicker and can be done by a non-technical person too. This is especially important for remote offices that have few technical staff.
UTM in India
The Indian market sees a large number of players in this space, each one vying to woo as many customers as possible. Sonicwall, Fortinet, Check Point and WatchGuard are some of the major players in this area.
Fortinet was one of the first players to launch UTM solutions in the market. With its FortiGate product it provides a comprehensive suite of functionality. Significantly, it provides a central management function through its FortiManager. “Unlike other players who have ventured into the UTM space through acquisitions and then integrating their technologies into their products, Fortinet has had its proprietary technology in its products. When other players were trying to figure out various antiviruses in the network, we already came up with an integrated SSL-VPN. We have also realized that with an increase in functionality, there is also a need for an increase in processing power at the hardware level,” says Vishak Raman, Country Head - India, Fortinet. Last month, Tata Communications partnered with Fortinet to introduce virtualized Unified Threat Management (vUTM) in India.
In the previous few years, Check Point has gone ahead with the acquisition of some major security solutions companies such as Zone Alarm, Pointsec and NFR to increase its portfolio of solutions and services. The acquisition of NFR allowed it to add an intrusion-detection and prevention system to its suite of solutions. “When we acquired the companies we made sure to upgrade our customer’s existing solution and provide the same ease of scalability and manageability,” says Bhaskar Bakthavatsalu, Country Manager India, Check Point. The company recently announced the launch of the UTM-1 range of solutions for the Indian SMB market.
Apart from acquisitions, many vendors partner with other solution providers to launch a suite of solutions, but experts say this might be risky for customers to adopt because, in case of a security breach, the customer may not know which company to approach for support. Also, when the partnership of the vendors comes to an end, the solutions become outdated, leaving the customer in search of a new one.
WatchGuard, another key player in the UTM space, has enjoyed a fair share in the market. It has seen a lot of traction from the SMB market in the south and north regions. “We have been an active player in the UTM market in India for the past five years. In fact WatchGuard was the first company to introduce appliance based solutions in the market,” says Sunil Sapra, Country Head India, WatchGuard. Recently, it partnered with Dell to integrate its security solutions in all of the company desktop offerings in the UTM space.
IDC had forecast tremendous growth for appliance-based UTM solutions in a global market worth $3.4 billion by 2008, and in the coming years this is bound to increase.
But with so many vendors in play, it becomes quite difficult for a customer to judge and decide on a solution offering. How does one know that the technology is proven? Experts say that when approaching a vendor, one must ask the vendor to name some of the clients using its solutions today. If a majority of Fortune 100 companies are using it, then it can be considered safe. Next, one must also make sure that the UTM includes features beyond the ones needed to maintain basic security. Finally, make sure the tool includes some form of centralized management console; this makes keeping tabs on all components easier as networks expand over time.
Security for computer networks has come a long way from the advent of firewalls in the early eighties. Yet, with the complexity of attacks ever changing in sophistication and speed, security has never been more important. While existing point solutions were once effective at protecting corporate networks, they no longer suffice as individual protective layers. Today, corporates need a distributed and effective front against the modern threats facing information networks. They need UTM.