The final portion of A Manager's Guide to Unified Threat Management evaluates the flexibility of UTM devices, and helps you solidify your UTM decision based on the five arguments discussed in the Guide. This tip originally appeared in Information Security magazine.
The last reason that UTM might be right for you is if you require flexibility -- at which point you should respond, "Who doesn't?"
Flexibility in the world of UTM means that you have the option to enable or disable a threat management feature any time you want. For example, if you find something wrong with your desktop antivirus, such as a bad update or missing signature, you can enable antivirus on the gateway instantly -- even if it's not part of your long-term strategy. Of course, the flexibility to disable a feature quickly without reconfiguring your network, such as turning off an IPS or virus scanner, can be equally useful.
While most products have the ability to easily turn on and off entire subsystems, such as the IPS or virus scanner, it's also important to identify UTM products that give you more than a few UTM options, such as a choice of multiple vendors for antivirus and IPS, or the ability to add in more obscure threat management, such as traffic management tools or esoteric firewalls.
That said, flexibility is a hard argument to evaluate. If you thought calculating ROI on a security investment was difficult, consider how to value installing a product for a feature that you might not even use.
Fortunately, you don't have to make one big decision about UTM. Instead, UTM is all about making a series of small decisions, one per feature. Any function can go into a UTM firewall, but not every function should. By evaluating the five arguments in favor of UTM, you'll have a better feeling for the cases where UTM will bring benefits -- and those cases where you're better off sticking with multiple point solutions.
A Manager's Guide to Unified Threat Management
Introduction: Be prepared
Consolidation and Cost
About the author
Joel Snyder is a senior partner at Opus One, an IT consulting firm in Tucson, Ariz., and a technical editor for Information Security.
This tip originally appeared in Information Security magazine.
This was first published in January 2007