Unified Threat Management — the best option for shrinking budgets?
The IT security risk is fast moving and rapidly changing.
In January’s InfoSecurity magazine, Derek Manky of Fortinet
(NASDAQ:FTNT) talks about how cyber criminals are evolving their security subversion strategies and identifies a number of new threats; from online money mule recruitment campaigns and the resurgence of the Buzuz Trojan, through to code execution vulnerabilities in Microsoft (NASDAQ:MSFT) and Apple (NASDAQ:AAPL) products.
This volatile risk landscape poses a challenge which security vendors are constantly battling.
While businesses want and need to protect themselves, any commercial organisation will be constrained by time and resources; perhaps now more than ever before.
Businesses have traditionally invested in individual technologies to solve individual IT security needs; anti-virus software, firewall, content filtering, spam filtering, and intrusion prevention. But as budgets are shrinking; businesses are looking for ways to make savings.
Unified Threat Management (UTM), an appliance which brings together a number of IT security applications on a single network security platform, has been widely touted as the lower cost solution. But is this always the best option? And if so, shouldn’t channel players be queuing up to resell this technology?
The benefits of UTM are described as “simplicity, streamlined installation and use, and the ability to update all the security functions or programs concurrently. As the nature and diversity of Internet threats evolves and grows more complex, UTM products can be tailored to keep up with them all. This eliminates the need for systems administrators to maintain multiple security programmes over time.”
With a UTM, the customer is effectively consolidating a number of functions into a single appliance, but without losing performance. You save time and money, and it’s easier to manage.
But don’t be fooled that UTM is the answer to all your woes. The success of a UTM, in terms of generating time and cost savings, within a specific business is largely dependent on how it has been built and its application for any given organisation. And in order for the channel to exploit opportunities to sell in this way, they need to show an understanding of this.
Some security vendors build up their UTM packages to adapt to opportunities in the market. So a designated appliance box, designed for one process, is expanded to bundle in products from other vendors, extending its capacity to 4-5 jobs. Because it is reliant on a number of vendors’ applications, there is potential for a hold up when there are any maintenance or support issues. The UTM vendor itself will have to refer back to the vendor of the specific application for advice before to resolve the client’s query. There is also the potential for confusion around licensing payment models and renewal dates, where they are not one and the same.
In contrast, where a vendor has designed a UTM, from the bottom up with hardware, operating system and applications from a single vendor, a number of the challenges associated with UTMs are avoided. There is a single point of ownership and accountability as and when things go wrong. Every element is supported and developed. And a dedicated UTM reduces the footprint of a business’s IT infrastructure.
So when I’m asked whether UTM is always the best option for businesses looking to maintain security levels and reduce costs, my answer would be...usually. The challenge comes identifying the right vendor for the right application.
