Putting IT All Together: Unified Threat Management or best-of-breed?
Walter Schumann, general manager and senior VP sales, EMEA, Astaro AG describes the long debate among IT experts as to which concept is most advantageous, Unified Threat Management (UTM) or best-of-breed
Some IT professionals prefer to use several related technologies from one vendor, already integrated into a complete package, whereas others prefer to select a series of well-known point products from different vendors.
IT security and protection of information continue to be one of the main movers in today's IT economy. Convenient communication platforms offer a variety of possibilities for outside users to do mischief and steal business data. The list of security vulnerabilities seems endless, so, over the years, companies have shaped their IT infrastructure by installing the most effective security solutions they could acquire.
Firewalls, which limit network traffic, and virus scanners, that prevent the majority of worms, malware and Trojans from entering an enterprise's IT, were amongst the first IT security systems to be installed by organisations. With further IP communication developments, corporations started to enable data exchange between their branch and head offices utilising VPN technology. IT staff in medium-sized businesses and large-scale enterprises tried to meet developing demands by deploying separate firewall, VPN, URL-filtering, anti-virus, and anti-spam products across their company's network.
However, for smaller companies and their hard-pressed IT staff, the deployment of many separate security solutions was never a realistic option. This is one reason why market analysts predicted a trend towards UTM appliances, unifying and integrating multiple security features on a single hardware platform. In the face of budget cuts and new security threats even larger companies began deploying UTM appliances, if only to shut out intruders to branch offices or off-site departments.
Originally, IDC defined Unified Threat Management security appliances as products including network firewall capabilities, network intrusion detection and prevention (IDP), and gateway anti-virus (AV) functionality.
However, in the fast-moving security market, UTM vendors needed to include much more in order to stay ahead of the threats that faced their customers. For instance, Astaro Security Gateways now include protection against viruses, worms, spam, spyware, phishing, and block access to unauthorised content. The latest release even features e-mail encryption, SSL VPN, active/active clustering and safeguards for the flood of unsecured instant messaging traffic and peer-to-peer file sharing traffic.
As understanding of the types of threats and the necessary protection has increased, more and more companies have become aware that when comparing best-of-breed concepts with Unified Threat Management approaches, the difference is not in quality or security. As it stands, the term "best-of-breed" implies that any other technology would be inferior or somewhat less secure than the product of choice. In reality, UTM appliances integrate the very same technologies that are featured in point products, the differences are in granularity, not security. Anything else would drive up IT administration costs.
Even though point products generally offer more configuration options and a longer list of features, this doesn't automatically translate into higher security. Medium-sized companies simply do not need the same amount of management tools as global corporations, not least because they generally do not have the resources to manage such solutions. It works to their advantage if UTM vendors take point technologies and limit the options to the tools that are really needed.
Another driver towards adoption of UTM appliances, is that organisations deploying new point products which address developing Internet threat, not only face booming licensing costs skyrocket, but training, integration and management efforts also grow exponentially. Any technology that is hard to operate will result in unnecessary costs. By offering vendor consolidation, UTM appliances reduce license and training costs, and IT staff can perform administration tasks for all security solutions by using the same GUI. Parameters, like network definitions, need only be configured once and are activated for different applications. This reduces the risk of incorrectly configuring, or even neglecting to deploy security technology.
What IT staff in all companies really need is an efficient way of installing rock-solid security solutions. IDC foresees a strong, sustained growth in the integrated security appliance market over the next years, in line with customers' increased awareness of the need to protect their network infrastructure and simplify critical business processes.
Walter Schumann, general manager and senior VP sales, EMEA , Astaro AG
Astaro AG is exhibiting at Infosecurity Europe 2007, Europe's number one dedicated Information security event. Now in its 12th year, the show continues to provide an unrivalled education programme, new products & services, over 300 exhibitors and 11,600 visitors from every segment of the industry. Held on the 24th – 26th April 2007 in the Grand Hall, Olympia, this is a must attend event for all professionals involved in Information Security www.infosec.co.uk
