Friday, 13 March 2015
IT Security: Unified Threat Management ( UTM )
The worldwide UTM market was approximately worth $1.2 billion in 2007, with a forecast of 35-40% compounded annual growth rate through 2011. The primary market of UTM providers is the SMB and enterprise segments, although a few providers are now providing UTM solutions for small offices/remote offices.
The term UTM was originally coined by market research firm IDC. The advantages of unified security lie in the fact that rather than administering multiple systems that individually handle antivirus, content filtering, intrusion prevention and spam filtering functions, organizations now have the flexibility to deploy a single UTM appliance that takes over all their functionality into a single rack mountable network appliance.
A single UTM appliance simplifies management of a company's security strategy, with just one device taking the place of multiple layers of hardware and software. Also from one single centralized console, all the security solutions can be monitored and configured.
In this context, UTMs represent all-in-one security appliances that carry a variety of security capabilities including firewall, VPN, gateway anti-virus, gateway anti-spam, intrusion prevention, content filtering, bandwidth management, application control and centralized reporting as basic features. The UTM has a customized OS holding all the security features at one place, which can lead to better integration and throughput than a collection of disparate devices.
For enterprises with remote networks or distantly located offices, UTMs are a means to provide centralized security with control over their globally distributed networks.
- Reduced complexity: Single security solution. Single Vendor. Single AMC
- Simplicity: Avoidance of multiple software installation and maintenance
- Easy Management: Plug & Play Architecture, Web-based GUI for easy management
- Reduced technical training requirements, one product to learn.
- Regulatory compliance
- Single point of failure for network traffic, unless HA is used
- Single point of compromise if the UTM has vulnerabilities
- Potential impact on latency and bandwidth when the UTM cannot keep up with the traffic