UTM - Unified threat management
UTM (Unified Threat Management) system is a type of network hardware appliance, virtual appliance or cloud service that protects businesses from security threats in a simplified way by combining and integrating multiple security services and features.
Unified threat management devices are often packaged as network security appliances that can help protect networks against combined security threats, including malware and attacks that simultaneously target separate parts of the network.
UTM cloud services and virtual network appliances are becoming increasingly popular for network security, especially for smaller and medium-sized businesses. They both do away with the need for on-premises network security appliances, yet still provide centralized control and ease of use for building network security defense in depth. While UTM systems and next-generation firewalls (NGFWs) are sometimes comparable, unified threat management device includes added security features that NGFWs don't offer.
Originally developed to fill the network security gaps left by traditional firewalls, NGFWs usually include application intelligence and intrusion prevention systems, as well as denial-of-service protection. Unified threat management devices offer multiple layers of network security, including next-generation firewalls, intrusion detection/prevention systems, antivirus, virtual private networks (VPN), spam filtering and URL filtering for web content.
Unified threat management appliance has gained traction in the industry due to the emergence of blended threats, which are combinations of different types of malware and attacks that target separate parts of the network simultaneously. By creating a single point of defense and providing a single console, unified security management make dealing with varied threats much easier.
Unified threat management products provide increased protection and visibility, as well as control over network security, reducing complexity. Unified threat management system typically does this via inspection methods that address different types of threats. These methods include:
- Flow-based inspection, also known as stream-based inspection, samples data that enters a UTM device, and then uses pattern matching to determine whether there is malicious content in the data flow.
- Proxy-based inspection acts as a proxy to reconstruct the content entering a UTM device, and then executes a full inspection of the content to search for potential security threats. If the content is clean, the device sends the content to the user. However, if a virus or other security threat is detected, the device removes the questionable content, and then sends the file or webpage to the user.
The most popular products in category UTM - Unified threat management All category products
Suppliers UTM - Unified threat management
F.A.Q. about UTM - Unified threat management
How UTM is deployed?
Businesses can implement UTM as a UTM appliance that connects to a company's network, as a software program running on an existing network server, or as a service that works in a cloud environment.
UTMs are particularly useful in organizations that have many branches or retail outlets that have traditionally used dedicated WAN, but are increasingly using public internet connections to the headquarters/data center. Using a UTM in these cases gives the business more insight and better control over the security of those branch or retail outlets.
Businesses can choose from one or more methods to deploy UTM to the appropriate platforms, but they may also find it most suitable to select a combination of platforms. Some of the options include installing unified threat management software on the company's servers in a data center; using software-based UTM products on cloud-based servers; using traditional UTM hardware appliances that come with preintegrated hardware and software; or using virtual appliances, which are integrated software suites that can be deployed in virtual environments.
Benefits of Using a Unified Threat Management Solution
UTM solutions offer unique benefits to small and medium businesses that are looking to enhance their security programs. Because the capabilities of multiple specialized programs are contained in a single appliance, UTM threat management reduces the complexity of a company’s security system. Similarly, having one program that controls security reduces the amount of training that employees receive when being hired or migrating to a new system and allows for easy management in the future. This can also save money in the long run as opposed to having to buy multiple devices.
Some UTM solutions provide additional benefits for companies in strictly regulated industries. Appliances that use identity-based security to report on user activity while enabling policy creation based on user identity meet the requirements of regulatory compliance such as HIPPA, CIPA, and GLBA that require access controls and auditing that meet control data leakage.
UTM solutions also help to protect networks against combined threats. These threats consist of different types of malware and attacks that target separate parts of the network simultaneously. When using separate appliances for each security wall, preventing these combined attacks can be difficult. This is because each security wall has to be managed individually in order to remain up-to-date with the changing security threats. Because it is a single point of defense, UTM’s make dealing with combined threats easier.