An Overview of Unified Threat Management

By CIOReview | Wednesday, July 6, 2016
577
982
196

An Outline

A few years ago organizations’ were accustomed to packet-filter firewalls that offered protection against virtually all threats. Because of the increasing number, variety and sophistication of threats against business networks, traditional firewalls and antivirus software alone may not fill the gap in safeguarding the organizational assets today. To fortify the layers of defense within organizations, a unified threat management (UTM) system—that performs multiple security functions within one single arrangement can be established as an effective network defense solution.

Cyber threats

In the 1973, Michael Crichton movie ‘Westworld’ made an early mention of the concept of a computer virus, which today is a sophisticated program, posing a constant threat through its perpetual evolution. The widespread computer security threat categories such as Viruses, Spyware, Hackers, Phishing, Blended threats and Bots are all the byproducts of the program called "Elk Cloner"- the first personal computer virus to appear "in the wild". While hackers are no saints, the threat codes they create have constantly evolved to steal and harm individuals and organizations, making them switch to efficient security systems without which operations may stand at dire straits.

UTM: The Real defense

Designed to protect your organization from the blended threats while reducing complexity, UTM appliances have advanced from traditional firewall/VPN products into a solution with several additional capabilities, that include Spam blocking, Gateway antivirus, Spyware prevention, Intrusion prevention, and URL filtering. They are designed to safeguard a network with ease and simplicity by combining a firewall, a gateway anti-virus, and with intrusion detection and prevention capabilities—incorporated into a single platform. These solutions provide the most complete security for fully integrated, multifaceted protection from your never ending troubles of network threats. Information and organizational resources have become indispensible for companies to safeguard against complex and growing computer security threats to stay safe in the digital world. “The golden rule of cyber security is probably to remember that silence is a defensive discipline. But even when you cannot remain silent, you need the knowledge to remain inconspicuous in the crowd of information online,” explains Vicente Diaz, Principal Security Researcher at Kaspersky Lab, the importance of securing our devices.

Why UTM?

Even though UTM can have a detrimental impact on your company network performance beyond the local area network, they are incorporated with complex technology to handle almost any threats. A Firewall which plays a major role in controlling network traffic is an important part for any UTM that a CIO can choose from. Whereas an Internet gateway security that scans incoming traffic for viruses, malware or malicious attachments forms the second layer of security for your network. The Network Intrusion Prevention System (IPS) that is embedded in the UTM can prevent hackers attacking un-patched Windows PCs and servers which further adds to the security shield strength. Secure remote access that can enable employees to connect to the company network while out of the office will not only protect your network but also can increase productivity and keep the continuity. Another interesting feature can help you get the latest security updates, anti-virus definitions and new features while reducing the burden for your network administrator, thanks to the UTM auto update.

The Notable Properties:

UTM can ensure a safer tomorrow for your networks, making it an uphill battle for hackers to penetrate the walls of security. Take a look at the significant offers by UTM for a protected network.

• Simplicity: A single purchase covers every security need, and all its features can be controlled and configured from a single management console. Some UTMs offer base level security in the initial purchase price while others can be enabled for an additional license fee.
• Application Controls: This feature enables prioritization of applications based on user identity, time, applications, and bandwidth, fostering flexibility, real-time visibility and control. Advanced application controls classify applications based on their risk level, characteristics and technology, offering more granular controls.
• Identity-based Controls: This allows administrators to uniquely identify the users, control Internet activity of them in the network, and enable policy-setting and reporting by username.
• VPN: Offers secure remote access, ensuring secure endpoints and network with its Threat-free Tunneling Technology which combines next-generation firewalls with high-speed wireless systems. Encrypts the network traffic while ensuring the integrity of all data passing through within the organization.
• Web filtering: This component prevents access to inappropriate Web content. An administrator may define URLs/domains that are not allowed (blacklisting), or the filter may communicate with a continuously updated reputation service. The filter may also intercept all HTTP requests in a TCP connection. Some vendors provide Web filtering as part of the core package, whereas other vendors require an additional Web filtering license.

Advantages

CIOs choose UTM not only because of its sophisticated network security features, but also because there are some striking advantages in several aspects including the security budget of the organization. These are the areas that make UTM stand out where most of the CIOs’ prefer.

• Lower up-front cost – Generally speaking, a single all-in-one appliance costs less than buying multiple dedicated systems.
• Lower maintenance costs – Buying just one support agreement for all security services can significantly reduce the amount to pay for service contracts and ongoing support.
• Less space – If the space for networking equipments is limited, UTM’s ability to fit all the services into a small, self-contained package is in fact appealing.
• One power Supply – Results in less power utilization and less power lost while reducing line voltage, to the levels network devices use resulting in lower power consumption.
• Easier to install and configure – A one appliance set up means there are just a couple of wires to connect and one interface to setup the device.
• Fully integrated – A UTM device’s features are designed to work together without leaving gaps in your protection or creating interoperability challenges.

Before Installing UTM

Reflecting the fact that multitasking might not always bring the best results, UTM could lack some of the granular features a dedicated box provides as these devices are a single tool designed to play multiple roles. Also if the UTM devices are not chosen according to the workload of your company, UTM might have an unfavorable impact on network performance beyond the local area network. While scanning incoming traffic for viruses alone can reduce network speeds by 20-50 percent, enabling IPS and other security features will also reduce performance even further. As part of implementing the best security, even if a UTM is installed at the internet gateway, it’s worthy to install and manage anti-virus software on employees' computers and on servers to tackle the virus that reaches the UTM system before the appliance has been updated to recognize it. Running anti-virus software on these machines enables the virus to be detected and removed from the host side.

The Future   

The market for UTMs has been expanding swiftly, with research house Gartner considering 20.7 percent compound annual increase over the precedent four years. Unified threat management systems are now amongst the most extensively used tools in the information security arsenal. However as new threats are constantly appearing and with existing threats evolving, UTM technology can play a great role in establishing a safer organizational network.