UTM is simply an abbreviation for Unified Threat Management, and it’s a core offering of ours for our SMB and Enterprise customers. UTM security is the evolution of the traditional firewall into an all-encompassing network security solution able to perform multiple functions within one single appliance:
- Network firewalling
- Network intrusion prevention and gateway antivirus
- Gateway anti-spam
- Application Control
- Content filtering
So why is UTM security so important these days? Any technology publication, on any given day, highlights security breaches that affect businesses in significant ways. Network downtime… can cripple any business from small to large. In fact, the security challenges are only getting more complex. Just recently, CIO.com highlighted research from the Georgia Tech Information Security Center that forecast some of the biggest security challenges awaiting businesses in 2013. A comprehensive UTM security solution can play a role in thwarting these threats.
In addition, advanced persistent threats (APTs) are becoming increasingly sophisticated, and the need for comprehensive network security solutions is evident. Our own Corey Nachreiner recently blogged on just this topic, but to summarize…
- Advanced – APTs use the most advanced malware and attack techniques available. By the nature of the name, they often leverage techniques such as encrypted communication channels, kernel-level rootkits, and sophisticated evasion capabilities to get past a network’s defenses. More importantly, they often leverage zero-day vulnerabilities – flaws which software vendors haven’t yet discovered or fixed – to gain access to our systems. In short, APTs are Q-level, James Bond malware.
- Persistent – This malware is designed to stick around. It carefully hides its communications, using techniques like steganography. It “lives” in a victim’s network for as long as possible, often cleaning up after itself (deleting logs, using strong encryption, and only reporting back to its controller in small, obfuscated bursts of communication).
- Threat – APTs are extremely blended threats, much like botnets, and very targeted. APT attackers are groups of highly skilled, motivated, and financially-backed attackers with very specific targets and goals in mind. Typically, these attackers, who are often nation-state sponsored, have targeted Fortune 500 companies, government-related infrastructure, or the industrial sector – and we anticipate this broadening to organizations of all sizes.
So… what to do? While no single network security solution can ‘solve’ threats across the board, a single UTM security appliance simplifies management of a company’s network security strategy, with just one device taking the place of multiple layers of hardware and software.
Some key advantages (beyond the obvious) of UTM security that can translate into almost any organization…
- Reduced complexity with a single network security solution; only one vendor to manage
- Simplicity by avoiding multiple software installations and their subsequent maintenance
- Easy management inherent in plug and play architecture
- Reduced technical training requirements
- Regulatory compliance
As network security threats become more sophisticated, and APTs continue to become prevalent, protect your SMB or enterprise with a UTM security solution. It’s a key part of a comprehensive, holistic security solution.