Unified Threat Management: The Secure SMBs Friend

Opinion: Analysts may argue over what should go into a UTM appliance, but a UTM appliance should definitely go into your small business.

I have an ongoing interest in products for small businesses, which I think have generally been shafted by the software industry over the years. Small-business owners are often forced to choose between products designed for lone consumers and those designed for massive enterprises.

Security has been a great example of this phenomenon, but in some ways things have begun to get better. One category of product, more than any other, can contribute to the security of a small or medium-sized business: UTM (unified threat management).

A UTM appliance combines numerous security functions. Typically its a router and firewall, it performs network anti-virus scanning, it may do network intrusion detection and prevention, and it may run a VPN. Some UTMs also perform such functions as spam and content filtering.

UTM is all the rage in the security business, and theres a huge range of product complexity and price. PCMag reviewed several units last year and just tested one of a new line from ZyXel. All the big companies are in the business, either directly, as Symantec is, or through licensees, as McAfee and Trend are. My own Servgate Edgeforce Plus UTM runs licensed McAfee software. Ive also seen recent announcements from D-Link.

From my own experience, including working in small businesses, its tough to persuade the owner to get real milk for the coffee room, let alone real security for the computers. This is the real challenge for the industry, at least at certain sizes of business, say under 50 users. Thats the size of business where youd have a really hard time getting along without a full-time computer support person.

Remember, any company even this size will certainly have desktop security in place. It may be a horror to manage, but it may also have done the job so far. Even so, to a security professional the fact that UTM can provide redundant protection at the gateway is of obvious value, especially in as much as you can get it from a different vendor than the one providing your desktop protection. This greatly improves your protection.

Most people hear this and figure that they dont really need both a belt and suspenders, especially since theres another subscription cost in addition to the upfront cost. But good UTM can make such a difference that I expect them to be great sellers.

28571.gif

Check out eWEEK Labs review of the Symantec Gateway Security 1660 all-in-one appliance.

There can be big performance differences between UTM boxes, and performance is the subject of some debate. Some people argue that certain tasks performed by the box, the firewall and gateway mainly have become so commoditized that they should be run in a separate box. This allows the higher-value, performance-intensive functions like virus scanning to run unimpeded.

I could argue this both ways. Its true that gateway/firewall boxes can be had for very little, but these are probably the least performance-intensive functions on a UTM appliance. If your UTM product is slow, removing the firewall processing probably isnt going to make much of a difference. Take this argument to the next level and eventually were back in the enterprise market, where every security function is on its own gateway device.

Performance can be a big issue, especially when all the features are enabled on a box, and I havent seen a speed test on any of these products. But UTM appliances are computers, after all, and you should expect them to get faster over time just as computers get faster over time.

In the meantime, the reasons to buy one are still compelling: networkwide protection, a second source of protection besides your desktop vendor, access to extra features like content filtering, and easier management.

Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983.

28571.gif

Check out eWEEK.coms for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzers Weblog.

More from Larry Seltzer