Case Studies

Appliance Alliance

Unified threat management packages can simplify your multilayered network security, but these all-in-one appliances aren't for everyone.
This story appears in the November 2006 issue of BizTech Magazine.

Businesses that do anything on the Internet — which is just about every business these days — are under attack. First it was viruses, then worms, Trojan horses and spam, followed by an expanding array of exploits, SQL injection and phishing.

As these threats appeared and evolved, most businesses acquired defenses one by one. In many companies, this organic evolution resulted in a collection of boxes and services that aren’t integrated with one another and that all use different management systems. Unified threat management (UTM) tools attempt to simplify that multivendor morass by having a single appliance that implements a firewall’s intrusion protection plus a range of other security functions, including virus protection, content filtering, and spam, phishing and spyware blockers. [See BizTech, March 2006]

Management Ease

The simplicity of integrating multiple security functions into one device is what has Marian College in Indianapolis eyeing UTM appliances, says Andrew Smith, a professor of business administration at the college, which has about 500 employees. The move to a UTM appliance “will help our relatively small but overworked IT staff by integrating all of these jobs,” he says.

UTM proponents also tout the cost advantages of buying one device and paying a bundled subscription fee for updates — a necessity for any security appliance to keep pace with constantly evolving threats — which can be less expensive than paying for separate subscriptions for virus protection, spam filters, spyware blockers and the like, all from different vendors.

The drawback to UTM appliances is that they provide security functions from only a single vendor and don’t allow users to choose best-of-breed defenses from among the wide range of dedicated security applications available. Businesses operating in highly sensitive industries, such as financial services, often require the most robust protection they can find for each of several security functions, such as intrusion prevention, content filtering and virus protection, rather than a single, all-in-one device.

“By definition, security cannot be handled in universal terms,” says Richard Steven Hack, a security consultant to small businesses in the San Francisco metropolitan area. “These devices may be good to simplify management for a small business office network, but they cannot satisfy larger needs, and they cannot replace more [dedicated] solutions flexibly deployed.”

Not for Everyone

“Having one single piece of equipment to handle these multiple threats might be easier when staff is at a premium or at smaller companies such as mine,” notes Hilton Lima, an IT supervisor, who runs a 70-user network for the Miami office of a multimillion-dollar international bank. “I am somewhat wary of having all my eggs in one basket. But if my company had any small branch offices, I would certainly look into it.”

George Carey, an IT specialist with United Coatings, a manufacturer of roofing, architectural and industrial coatings with 65 employees in Spokane Valley, Wash., echoed the eggs-in-one-basket metaphor, noting that having a single point of failure for all security functions exposes a company to a potentially catastrophic breach if a UTM appliance is the sole defense against all attacks.

“If this magical security device fails, or is improperly updated, all network security is lost,” he cautions. “From past experience, every software vendor provides flawed software at some time or another. This happens with Microsoft all of the time, anti-virus vendors occasionally and even with Cisco routers.”

Using dedicated security appliances from multiple vendors can expose a company to more of these intermittent lapses that all vendors suffer, Carey acknowledges, but it eliminates the possibility of “the single catastrophic security breach that would occur if a single [UTM] product were to fail.”

 

CEO takeaway
If your IT staff recommends a UTM appliance to bolster security on your company network, here are some key questions to ask:

• Have you done an adequate risk assessment, and do each of the individual functions of the UTM device we’re considering meet our protection needs?
• If not, what additional desktop and server-based protections will we add or continue to deploy to augment the UTM functions? UTM appliances may provide adequate protection against intruders and spyware, but even proponents acknowledge the benefits of teaming them with server-based spam protection and other dedicated resources, if budgets allow and security requirements demand.
• Do the vendors we’re considering provide 24/7 support, and is there training available for the staff who will manage our UTM defenses?
• Will the UTM appliances we’re considering work with our existing security hardware and services or will we need to scrap a previous investment?
Sign up for our e-newsletter

Security

Heartbleed: What Should Your... |
One of the biggest security vulnerabilities has almost every user and every industry...
Why Businesses Need a Next-G... |
Devices investigate patterns that could indicate malicious activity.
Review: HP TippingPoint S105... |
Next-generation firewall can easily replace a stand-alone intrusion prevention system....

Storage

The New Backup Utility Proce... |
Just getting used to the Windows 8 workflow? Prepare for a change.
How to Perform Traditional W... |
With previous versions going unused, Microsoft radically reimagined the backup utility in...
5 Easy Ways to Build a Bette... |
While large enterprises have the resources of an entire IT department behind them, these...

Infrastructure Optimization

Businesses Must Step Careful... |
Slow and steady wins the race as businesses migrate IT operations to service providers,...
Why Cloud Security Is More E... |
Cloud protection services enable companies to keep up with security threats while...
Ensure Uptime Is in Your Dat... |
Power and cooling solutions support disaster recovery and create cost savings and...

Networking

Securing the Internet of Thi... |
As excitement around the connected-device future grows, technology vendors seek ways to...
How to Maximize WAN Bandwidt... |
Understand six common problems that plague wide area networks — and how to address them.
Linksys Makes a Comeback in... |
The networking vendor introduced several new Smart Switch products at Interop this week.

Mobile & Wireless

Mobility: A Foundational Pie... |
Other technologies rely on mobile computing, which has the power to change lives, Lextech...
Now that Office for iPad Is... |
After waiting awhile for Microsoft’s productivity suite to arrive, professionals who use...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.

Hardware & Software

Review: HP TippingPoint S105... |
Next-generation firewall can easily replace a stand-alone intrusion prevention system....
New Challenges in Software M... |
IT trends such as cloud, virtualization and BYOD pose serious hurdles for software...
Visualization Can Help Busin... |
Companies need to put their data in formats that make it consumable anytime, anywhere.