Manager's Guide: Complexity

Find out how unified threat management (UTM) can help your customers reduce complexity and increase reliability in this segment of A Manager's Guide to Unified Threat Management. This tip originally appeared in Information Security magazine.

If there's any argument that will resonate with large enterprise network managers, it's this one. UTM strategies can dramatically decrease the number of devices in a network, which has the immediate side effect of increasing overall reliability (with fewer devices to fail, the mean time between failures of the system increases), and decreasing management and debugging difficulty (with fewer devices, it's easier to find where a problem is).

The physical network topology for a single-device solution is much simpler than any pre-UTM environment. In fact, integrating UTM devices can make some topologies easier to implement. While the plan for building a high-reliability firewall service -- usually by sandwiching pairs of firewalls between pairs of load balancers -- is well known, how these interact with a miscellaneous pile of threat mitigation devices is a different and more difficult planning question. With fewer devices in the picture, everything becomes less complex.

There are other complexities that can be ameliorated by use of UTM. For example, if a network has both a firewall and dedicated Web proxy, a goal of the network manager is to ensure all outgoing Web traffic goes through the proxy, and no unsupervised traffic moves through the firewall. This logical complexity, and the attendant risk of error or omission, is reduced if the Web proxy and firewall are in the same box.

If adding UTM features to your network will help you to reduce or at least constrain complexity, then this is a strong argument in favor of UTM. If network complexity doesn't change much, you may have to find a different justification.

A Manager's Guide to Unified Threat Management

Introduction: Be prepared
Consolidation and Cost
Performance
Complexity
Management
Flexibility

About the author
Joel Snyder is a senior partner at Opus One, an IT consulting firm in Tucson, Ariz., and a technical editor for Information Security.

This tip originally appeared in Information Security magazine.

More News and Tutorials

Articles
- Understanding "best-of-breed"
- unified threat management (UTM)
- SPECIAL It's a firewall, it's an IPS, it's antivirus, it's antispam…but is it right for you?">Unified Threat Management Guide for Managers
- Manager's Guide: Performance
- UTM devices: Efficient security or a firewall failure risk?

Related glossary terms

Terms for Whatis.com - the technology online dictionary
- keyword stuffing
- database activity monitoring (DAM)

This was first published in January 2007

Join the conversationComment

Share

Comments

Results

Contribute to the conversation

All fields are required. Comments will appear at the bottom of the article.

More from Related TechTarget Sites

Microscope
Cloud Provider
Security
Networking
Storage
Cloud computing
Server Virtualization
Data Backup

MicroscopeUK
- This you call service?
  
  Nick Booth tries to get to grips with the question of what era really the differences between a VAR and a service provider
- HDD market returns to normality post-floods
  
  An update from HDD specialist HGST has revealed that the market is back to normal after the floods but also indicated that some are finding it hard to readjust
- SolarWinds targets SME channel with N-able buy
  
  Acquisition will help management software vendor target more sub-100 head business through the channel
Cloud Provider
- VMware hybrid cloud service unlikely to start turf war with providers
  
  Despite directly competing with many of its cloud provider customers' offerings, VMware's new hybrid cloud service is unlikely to damage partnerships.
- News briefs: VMware public cloud debuts; AWS nets FedRAMP approval
  
  In this week's news briefs, the VMware public cloud officially launches, Dell drops its IaaS offering and AWS gains accreditation from FedRAMP.
- What are the different phases of an IPv6 implementation?
  
  In an IPv6 implementation, it's important to spend time with each of the five phase of the process, IPv6 expert Chip Popoviciu says.
Security
- Case study: CDI launches aviation company DLP program on short runway
  
  Technology services company CDI-Aerospace used a Verdasys DLP solution to manage third-party risk for a major aviation client.
- IT certification guide: Vendor-specific information security certifications
  
  Experts Ed Tittel and Mary Lemons provide a 2013 overview of vendor-specific information security certifications available.
- Introduction: Vendor-neutral security certifications for your career path
  
  Ed Tittel and Mary Lemons offer the definitive primer for vendor-neutral security certifications in 2013.
Networking
- F5 Application Acceleration Manager combines WAN, Web optimization
  
  F5 Application Acceleration Manager is a single platform for transport, data center and application optimization.
- Robust network security solutions still lacking
  
  As network attacks grow in intensity, network administrators are still seeking tools to block intrusions.
- Networking blogs: The MapR platform strategy; Tax Day case for IPv6
  
  This week, networking bloggers point out the steady progress of the MapR platform and make a case for the serious adoption of IPv6.
searchStorage
- RAID alternatives: Will erasure codes rule?
  
  Learn why the reliability of RAID technologies could be related to the increased use of erasure coding by both new and established storage vendors.
- Permabit Technology extends primary data deduplication software
  
  Permabit tries to make its primary deduplication software more palatable to OEMs by adding compression and replication plug-ins.
- HP cloud storage service features open source OpenStack object store
  
  HP cloud storage service uses open source OpenStack object store to attract developers, ISVs and enterprises in competition against Amazon S3.
Cloud computing
- Interest in private clouds grows as market matures
  
  Growing interest in private clouds reflects an improved understanding of cloud computing among IT pros, experts say.
- Building a cloud ecosystem with open source software
  
  The open source community fosters innovation in the name of cloud. OW2's Cédric Thomas talks of 'coopitition' and the open source cloud revolution.
- Sequestration stymies federal government cloud ambitions
  
  The federal government is under mandates to consolidate data centers and deliver IT as a Service, but sequestration makes this easier said than done.
Server Virtualization
- How to achieve optimal resource allocation and why that matters
  
  Optimal resource allocation is a tricky tightrope act for even experienced IT pros, but you can ease the process by asking yourself a few questions.
- Virtualization widens schism between server and networking teams
  
  Virtual networking has revived tensions between server and networking teams within data centers, but it's a dynamic both sides must embrace.
- Strike a common-sense balance when deciding what to automate
  
  Consider the many factors that determine the potential return on investment when deciding when and what to automate.
searchDataBackup
- The pros and cons of integrated backup appliances
  
  Find out whether integrated backup appliances with backup software, server and storage offer any benefits beyond ease of installation.
- Quantum vmPRO adds LTFS tape support, DXi V-Series gains capacity
  
  Quantum upgrades its vmPRO virtual machine backup appliance, supporting 24 TB of pre-deduped data and LTFS tape in a virtual appliance.
- Veeam Software adds WAN acceleration, tape support for VM backup
  
  Veeam upgrades its virtual machine backup software, building WAN acceleration and native tape support into Backup & Recovery v7.

All Rights Reserved,Copyright 2006 - 2013, TechTarget