Comprehensive security used to mean protecting your organization like a medieval castle: Erect a (fire)wall, defend the perimeter, seal information and assets inside under lock and key (password protection), and close up the entrance with a drawbridge (a solid antivirus program).
Now, however, security doesn’t stop at an organization’s perimeter. Data, assets, and employees are mobile; wireless networks are rapidly overtaking their hardwired counterparts; and email, data, and sensitive information are all vulnerable. Just as adversaries learned to breach a castle’s defenses, today’s sophisticated threats are engineered to evade firewalls, antivirus programs, and password protection.
As threats have evolved, new technologies have emerged to defend against them. Unified threat management (UTM) solutions combine multiple network security technologies to provide increased layers of protection. Formerly, UTM referred only to the combination of a firewall and anti-virus, but today the term encompasses additional functionality. “UTM software or appliances combine multiple threat management modules together — usually antimalware filtering for email and Web, intrusion detection, intrusion prevention, email encryption, and more,” says Andrew Jaquith, senior analyst at Forrester Research, Inc.
Consolidating network security with UTM solutions offers additional benefits as well. According to Brandon Bain, director of business development for UTM software vendor Endian, based in Italy, “The UTM market has grown significantly over the last few years because unifying functionality can potentially provide increased levels of network security control and the efficiency inherent in managing a single solution.”
There are a number of UTM solutions available for any sized organization with any feature requirements or budget. Most major offerings include both a hardware appliance and a “virtual appliance” or software package that can transform existing hardware into a UTM appliance. While hardware-based solutions are often a bit less expensive up front, the costs to manage and maintain them can be high, not to mention the space and energy demands they will make. There’s also a greater risk of obsolescence as the hardware ages.
Software can seem pricey, but installation, monitoring, and management services can lead to a lower total cost of ownership over time
At the end of the day, organizations have different needs and preferred methods. Here are four options you should know about:
Websense Triton is a content security solution that enables organizations to safely use the Web as an application platform while protecting them from blended and emerging threats across corporate offices, remote workers, and branch offices. Triton also protects organizations from inappropriate content and confidential data loss. These features add up to improved regulatory compliance. They also enable monitoring and reporting of network security as well as compliance requirements from healthcare and retail to finance and government.
Triton can be deployed a number of ways, including a pure security-as-a-service model to reduce cost and complexity while extending coverage and visibility. It also offers a flexible TruHybrid deployment option by which the solution is deployed via a hardware appliance at a central location and uses security-as-a-service to reach branch offices and remote workers.
Fortinet FortiGate-80C and FortiGate-80CM
Fortinet FortiGate solutions are available as standalone appliances that integrate antivirus, firewall, VPN, intrusion prevention, Web filtering, antispam, antispyware, application control, and traffic inspection. Depending on an organization’s needs, Fortinet offers models with built-in wireless access points and PC card slots to extend security capabilities for mobile, retail, branch office, and remote workers’ applications.
The appliances use Fortinet’s FortiOS 4.0 operating system for enhanced security features such as a stateful inspection firewall, IPSec/SSL VPN, and intrusion prevention. They also deliver SSL-encrypted traffic inspection, data loss prevention, identity-based policies, application control, and endpoint network access control (NAC) to protect against Web 2.0 threats.
SonicWall TZ and Network Security Appliance (NSA) Series
SonicWall TZ and NSA Series of software and hardware appliances can be custom-configured to include an array of available services, including gateway antivirus, antispyware, intrusion prevention, enforced desktop antivirus, content filtering, and more, depending on a customer’s needs. SonicWall appliances also provide dynamic updates of these services as they become available.
The solutions offer deep packet inspection firewall, SSL VPN, IPSec VPN, and Web content filtering capabilities in an integrated appliance that is easy to deploy and easy for customers to manage. Also, the multicore performance features of the NSA Series can help growing small or midsize organizations scale into global enterprises.
Endian UTM is an open-source hardware/software/hybrid/cloud solution that integrates security services such as a stateful inspection firewall, VPN, gateway antivirus, antispam, Web security, and email content filtering. Because Endian is open source, solution providers can install it on customers’ legacy hardware, delivering a cost-effective solution.
Endian also enables secure wired and wireless Internet access via hotspot functionality and a secure VPN and access to the Endian Network through which IT professionals can centralize the configuration, updates, and management of multiple Endian solutions from a single GUI. In addition, the UTM provides instant recovery capabilities to minimize downtime in case of a failure.
Sharon Florentine is a Philadelphia-area freelance writer with expertise in technology and the reseller channel.