IT Security: Unified Threat Management ( UTM )

Unified Threat Management (UTM) is a solution in the network security industry, and since 2004 it has gained currency as a primary network gateway defense solution for organizations. In theory, UTM is the evolution of the traditional firewall into an all-inclusive security product able to perform multiple security functions within one single system: network firewalling, network intrusion prevention and gateway antivirus (AV), gateway anti-spam, VPN, content filtering, load balancing, data leak prevention and on-appliance reporting.

The worldwide UTM market was approximately worth $1.2 billion in 2007, with a forecast of 35-40% compounded annual growth rate through 2011. The primary market of UTM providers is the SMB and enterprise segments, although a few providers are now providing UTM solutions for small offices/remote offices.

The term UTM was originally coined by market research firm IDC. The advantages of unified security lie in the fact that rather than administering multiple systems that individually handle antivirus, content filtering, intrusion prevention and spam filtering functions, organizations now have the flexibility to deploy a single UTM appliance that takes over all their functionality into a single rack mountable network appliance.

A single UTM appliance simplifies management of a company's security strategy, with just one device taking the place of multiple layers of hardware and software. Also from one single centralized console, all the security solutions can be monitored and configured.

In this context, UTMs represent all-in-one security appliances that carry a variety of security capabilities including firewall, VPN, gateway anti-virus, gateway anti-spam, intrusion prevention, content filtering, bandwidth management, application control and centralized reporting as basic features. The UTM has a customized OS holding all the security features at one place, which can lead to better integration and throughput than a collection of disparate devices.

For enterprises with remote networks or distantly located offices, UTMs are a means to provide centralized security with control over their globally distributed networks.

Key advantages:
-  Reduced complexity: Single security solution. Single Vendor. Single AMC
-  Simplicity: Avoidance of multiple software installation and maintenance
-  Easy Management: Plug & Play Architecture, Web-based GUI for easy management
-  Reduced technical training requirements, one product to learn.
-  Regulatory compliance

Key Disadvantages:
-  Single point of failure for network traffic, unless HA is used
-  Single point of compromise if the UTM has vulnerabilities
-  Potential impact on latency and bandwidth when the UTM cannot keep up with the traffic