This is really best answered by making sure we're clear on what unified threat management means to you and your customers, and where you expect to deploy the technology. The IT analyst firm IDC coined the term unified threat management to describe a hardened security appliance that offers (at a minimum) firewall, intrusion detection prevention and antivirus capabilities in a single platform. There are literally dozens of available solutions today that fit this description, even if they choose not to call themselves unified threat management devices.
Unified threat management has evolved over time to include many more features and functions. This consolidated utility is generally a tradeoff between cost, best-in-breed efficacy and performance. With unified threat management you certainly do get what you pay for.
There are numerous opportunities where unified threat management devices can add value and take the cost out of security, but setting expectations is important for you and your customer.
If you're looking to deploy unified threat management at one or more perimeter ingress/egress points to consolidate functionality of several separately managed devices, unified threat management obviously holds value in cost reduction. Still, it's important to balance vendor claims, performance and management.
Typically unified threat management is utilized for branch offices or at the Internet ingress/egress for small to midsized businesses, which makes sense given resource constraints and expertise. One box to rule them all.
Unified threat management embodies the trend of foundational and commoditized features converging into easier-to-manage, more cost-effective security devices. If what your customer needs is decent network-level protection to filter out the big lumps at the border, then unified threat management is a good choice.
Larger enterprises, on the other hand, still tend to deploy siloed solutions. This is especially true if they're looking to deploy security as a service layer at the core or their network, where performance, availability and efficacy are paramount. Unified threat management is not usually considered at this level of the network, and there are only a few vendors who can pull this off.
If you're looking to offer unified threat management devices to your customers, choose wisely. Make sure the product is solid and supportable, especially if you're thinking of deployment in large enterprises where the performance and operational elements are much more demanding than those of the small to midsized business.
This was first published in November 2007