Network security: Using unified threat management (UTM)

Network security products vary in use and protection. If you're looking at security options to protect your network, read this description of unified threat management (UTM) to learn what UTM's advantages are compared to traditional security models.

The traditional network security model and associated limitations

The traditional network security model uses standalone devices for maintaining a secure network environment. These standalone network security products are generally deployed as software, running either on a PC or an appliance, and provide product-specific network security functions, like a firewall and VPN. While they do what they are designed for, they fail to provide the comprehensive security, network deployment flexibility and the performance necessary to combat today's ever increasing sophisticated cyber threats.

Standalone network security products introduce these significant challenges:

1. Today's rapidly evolving cyber threats are more sophisticated and evade one or more standalone technologies. It's easier to target a standalone device that gives an attacker a clear passage to network.
2. There is always a cost and complexity factor associated with managing and maintaining an increasingly distributed network with no clear perimeter. This not only creates a security gap but also adds burden to already-taxed resources.
3. The performance and processing power required to provide complete content-level protection is difficult to achieve without purpose-built hardware.

More resources on UTM: UTM -- The next level of network security: Learn why you need unified threat management. What are common unified threat management features? Find out common (and uncommon) UTM features.

Unified threat management is basically a firewall appliance that not only guards against intrusion but also performs content filtering, spam filtering, intrusion detection and antivirus duties traditionally handled by multiple systems. These devices are designed to combat all levels of malicious activity on the computer network.

An effective UTM solution delivers a network security platform that comprises robust and fully integrated security and networking functions such as network firewalling, intrusion detection and prevention systems (IDS/IPS) and gateway antivirus (AV) along with other features, such as security management and policy management by group or user. It is designed to protect against next-generation application layer threats and offers a centralized management through a single console, all without impairing the performance of the network.

Source: Fortinet

Advantages of using an UTM

Simply put, the convenience and ease of installation are the key advantages of threat management security appliances. There is much less human intervention required to install and configure these appliances.

The advantages of UTM include the following:

• Reduced complexity: The integrated all-in-one approach not only simplifies product selection, but product integration and ongoing support as well.
• Ease of deployment: Since there is much less human intervention required, customers themselves or vendors can easily install and maintain these products.
• Integration capabilities: The appliances can easily be deployed at remote sites without the help of any security professional. In this scenario, a plug-and-play appliance can be installed and managed remotely. This kind of management is synergistic with large, centralized software-based firewalls.
• The black box approach: Users have a tendency to play with things, and the black box approach limits the "damage" users can do. This reduces trouble calls and improves network security.
• Troubleshooting ease: When a box fails, it is easier to swap it out than troubleshoot. This process gets the node back online quicker. A non-technical person can do it, which is especially important for remote offices without dedicated technical staff onsite.

Some of the leading UTM solution providers are Fortinet Inc., NetScreen (acquired by Juniper Networks Inc.), Symantec Corp., Citrix NetScaler, WatchGuard Technologies Inc. and Elitecore Technologies Ltd.

About the author:
Puneet Mehta is a CISSP Security Architect at SDG Corp., an e-security and e-business software services and solutions firm headquartered in Connecticut. Special expert security areas for Puneet include internetworking technologies, network security, e-business infrastructure architecture and implementation, single sign-on strategies and solutions, PKI design/implementation and encryption technologies. Puneet holds several industry-leading certifications. Among them are MCP, MCPS, MCP+I, MCSE, CCNA, CLP, Certified Internet Security Specialist, OCP, BS7799-2:2002, CISSP, CEH, and CPTS.
Ask Puneet a network security question or view his Ask the Expert section on securing networks.

Rate this Tip To rate tips, you must be a member of SearchNetworking.com. Register now to start rating these tips. Log in if you are already a member. Submit a Tip Digg This!     StumbleUpon     Del.icio.us    RELATED CONTENT Network Security Securing the new network architecture: Security for distributed, dynamic networks How to configure Windows Server 2008 advanced firewall MMC snap-in Security across network boundaries with Secure Mobile Architecture USB storage devices: Two ways to stop the threat to network security Network security: Empower users without endangering IT Network analysis -- Enhancing security assessments VPN security: Hiding in plain sight, using network encryption OSI: Securing the Stack, Layer 8 -- Social engineering and security policy Anti-spam protocols help reduce spam NAC -- Strengthening your SSL VPN Network Security Products Securing the new network architecture: Security for distributed, dynamic networks What is data loss prevention? -- An introduction to DLP To simulate voice over IPSec VPNs which simulators work? Is my firewall setting preventing wireless network guest access? How to configure Windows Server 2008 advanced firewall MMC snap-in How to retrieve passwords from locked laptops How to interpret test scan results to assess network vulnerability What commands allow network traffic to pass through PIX firewalls? For an SMB firewall, what features should I look at? Creating Remote Access and Site-to-Site VPNs with ISA Firewalls: from 'The Best Damn Firewall Book Period, Second Edition' Network Security Monitoring Network forensics appliance gets storage boost and 10 GbE support Tracking NetFlow over MPLS helps airline with compliance Securing the new network architecture: Security for distributed, dynamic networks When it comes to data loss prevention, networking should be part of the conversation What is data loss prevention? -- An introduction to DLP What are the best methods for handling rogue access points? Internet monitoring vendor adds throttling, filtering, to its appliance How to interpret test scan results to assess network vulnerability Endpoint security locks down law firm's network Can a broadband network installer compromise your network security? RELATED GLOSSARY TERMS Terms from Whatis.com − the technology online dictionary Nessus  (SearchNetworking.com) network analyzer  (SearchNetworking.com) RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.