Consider the three strongest budget-based arguments for choosing UTM in this portion of A Manager's Guide to Unified Threat Management, courtesy of Information Security magazine. Your customer's CFO won't be able to ignore the economic benefits.
The easiest argument to make in favor of UTM is that it takes multiple devices and merges them into one. Consolidation has its own benefits even if you're only compressing multiple firewalls into a single device. But when UTM is added, the greatest benefit is cost savings from three different areas: capital expenditure, operational expenditure and saved rack space in a server room.
In terms of capital expenditure, savings start with buying fewer boxes and software licenses. Although there are always exceptions to this rule, buying one box that does two things but needs one set of licenses is almost always less expensive than buying two boxes and two sets of licenses. The capital expenditure savings argument, though, becomes less clear when you already own the two boxes. In that case, it's important to understand that you're never done buying boxes. Network managers have been on this treadmill before, and, if they're not buying boxes for their network every day, they at least realize that there is a never-ending train of solutions to deal with new and evolving threats.
Operational expenditure savings are easier to see because fewer boxes to manage means, well, fewer boxes to manage. And, fewer boxes take less time to maintain with patches, updates and configuration changes. In addition to operational expenditures come all of the other software support costs required for any security device, including maintenance and subscription services. With fewer devices, the subscription services might be the same (or they could be lower), but the software maintenance fees will definitely offer savings.
The last cost savings area is pure hardware: power, space and cooling. While some network managers have the advantage of oversized computer rooms with excess cooling, that's far from common. The stress of 1U servers combined with ever-increasing clock speeds has dramatically changed the balance of space, power and heat used to build most computer rooms. The upshot is that every inch of rack space in a computer room represents a valuable resource, and the marginal cost of adding racks, power and cooling to a filled-to-capacity room is enormous. Thus, putting one box where there were two (or three or five) is a savings and can be fairly substantial.
Consolidation is a driver for UTM if the cost savings in the three areas add up when compared to the alternative -- either not enabling UTM or sticking with a multi-box solution. If the cost savings aren't there, that doesn't mean that UTM is not right for you -- just that you need to move on to more compelling arguments.
A Manager's Guide to Unified Threat Management
Introduction: Be prepared
Consolidation and Cost
About the author
Joel Snyder is a senior partner at Opus One, an IT consulting firm in Tucson, Ariz., and a technical editor for Information Security.
This tip originally appeared in Information Security magazine.