Unified threat management – What is it and why does it matter?

System Security Specialists

The cyber threat landscape has become much more complex in recent years and that has made defending corporate networks far harder. Many companies are turning to a multi-layered approach, integrating several security technologies into a single security strategy. This may involve in-house installations and managed services.

In order to manage this approach, unified threat management (UTM) offers a simplified strategy that allows a range of security infrastructure appliances and security applications to be managed from a single platform.

UTM typically involves a single appliance that combines a range of security features, delivering protection against a range of sophisticated cyber threats. Technologies bundled into the UTM might include intrusion prevention, next-generation firewalls, content filtering and VPNs. The appliances themselves are usually low cost, running on commodity hardware and so can be rolled out quickly as required.

UTM and compliance

In an environment where systems may be on in-house platforms or in the cloud, and where its increasingly common to have linked supply chains, or managed providers for certain services, ensuring data protection and compliance is essential.

UTM can help to protect information for the entire enterprise and many managed service providers (MSPs) are offering it as an additional service for their clients. This can be combined with data recovery and backup solutions to offer essential protection, making it possible to roll back to an earlier version in the event of a ransomware or other cyber attack.

Using a UTM device makes it possible to inspect traffic patterns and establish a baseline of ‘normal’ traffic and behaviour. This means it becomes easy to spot when unusual activity occurs on the network that could indicate an attack or an attempt to steal data. Depending on the level of protection required, inspections can be flow based – sampling data and using pattern matching to spot suspicious content. Where greater protection is needed, it can be proxy based – here a full inspection of all traffic looking for possible threats is carried out before traffic is permitted to proceed to the endpoint. While being more secure, this obviously imposes greater overhead.

Pros and cons of UTM

As a flexible and future-proof solution to the challenges of securing corporate networks, UTM solutions have a lot to commend them. However, like any technology, there are positives and negatives to consider.

On the plus side, UTM makes it easier to implement multi-layered defence as there is only a single product to deploy and to monitor. Because a number of different security technologies are integrated, it also provides improved effectiveness and efficiency with minimal effort and of course a fixed initial cost.

There are physical benefits in that everything is combined in a single appliance so it takes up less rack space, is simple to connect, and also means lower power consumption – a key consideration for larger data centres. You can also be sure that all of the technologies within a UTM solution are designed to work together, so you don’t have to worry about compatibility issues with different providers.

On the other hand, relying on a UTM does mean that you have a single point of failure that could leave your network unprotected in the event of a problem. It’s, therefore, a good idea to ensure you have a separate backup and recovery solution to ensure your business data is protected.

Most of the technologies included in UTM have been around for some time as separate products. It’s the idea of putting them all together in a single, plug-in, easily managed solution that makes for an attractive solution. With just a single vendor to deal with, UTM can cut costs while ensuring strong protection.

Cloudworks utilise market-leading technologies to not only monitor and report on security threats, but take intelligent action when required. If you’d like to know more – please call us on 0115 824 8244 or email us at hello@cloudworks.co.uk.