UTMs – Why these are important


UTM stands for Unified Threat Management. It is more than ‘just a firewall’, and it is one of the most important elements of a network.

As you know, my company offers third-party IT services to clients of ours. In most cases, this means everything from firewalls to servers to printer support. Far too often, we take on new clients who really have no decent firewall or security on their network. You wouldn’t believe the number of D-Link and Linksys WiFi routers that we see serving as the primary security device on small to medium-sized networks.

In the past, we simply had firewalls. Some of these were software-based, some were hardware-based. But they were just that, a firewall. They controlled access to ports, had the ability to filter and control internal traffic, and could permanently block access to the network for specifically identified external IPs. While these were (and are) good devices to have in your network security design, they simply don’t do enough to address today’s threats.

UTMs provide so much more functionality than a simple firewall. They encompass features such as:

  • A hardware firewall
  • Full anti-virus and anti-malware filtering
  • IPS (Intrusion Prevention System)
  • VPN (Virtual Private Network)
  • Security logging

The firewall is pretty straightforward, and continues to be the main focus of UTMs.

Anti-virus and anti-malware filtering has been around for some time now in the UTM world, and it is becoming increasingly popular, especially with small and medium-sized organizations. Think about this: you can filter viruses and malware coming from the internet directly at the hardware level, before the malicious traffic even enters your network. From a system administrator’s perspective, this is probably the most convenient feature of a UTM. You have one license to worry about, and one device. No more software loaded on individual workstations, no more updates to push out, no more resource hogging on servers and clients. Yes, some will make the argument ‘what if someone brings a virus from home on their USB thumb drive’. Windows 7 and 8 include Windows Security Essentials (or Windows Defender), which is a free Microsoft product that protects against viruses and malware. This is sufficient for most networks, especially considering the likelihood of a user coming in with infected data (which in the real world is pretty low for smaller organizations).

An IPS, or Intrusion Prevention System, is software that runs on a UTM and detects intrusion attempts by malicious users. It examines behaviour (port scanning, etc.) and counteracts threats when it detects them. Because IPS is an adaptive technology, it can provide better protection than just your firewall. Firewalls merely let traffic in or block it. They don’t ‘watch’ traffic in an ‘intelligent’ fashion.
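To make the contrast with a per-packet firewall decision concrete, here is an added example (not the author's code and not any UTM vendor's implementation) that watches behaviour over time: it flags a source that probes many distinct ports within a short window. The log format, the threshold, the window and the name `detect_port_scans` are assumptions, and the log lines are constructed sample data.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log lines (assumed format, not any vendor's):
# timestamp, firewall action, source IP, destination port
SAMPLE_LOG = """\
2024-01-01T10:00:00 DENY 203.0.113.7 21
2024-01-01T10:00:01 DENY 203.0.113.7 22
2024-01-01T10:00:01 ALLOW 198.51.100.4 443
2024-01-01T10:00:02 DENY 203.0.113.7 23
2024-01-01T10:00:03 DENY 203.0.113.7 25
2024-01-01T10:00:04 ALLOW 198.51.100.4 443
2024-01-01T10:00:05 DENY 203.0.113.7 80
2024-01-01T10:05:00 DENY 192.0.2.9 22
2024-01-01T10:20:00 DENY 192.0.2.9 3389
""".splitlines()


def detect_port_scans(lines, max_ports=4, window=timedelta(seconds=60)):
    """Return {source_ip: time_flagged} for sources that touch more than
    max_ports distinct ports within the sliding time window."""
    recent = defaultdict(deque)  # source IP -> deque of (time, port)
    flagged = {}
    for line in lines:
        stamp, _action, src, port = line.split()
        now = datetime.fromisoformat(stamp)
        if src in flagged:
            continue  # already flagged; an IPS would now drop this source
        events = recent[src]
        events.append((now, int(port)))
        # Forget events that have aged out of the window
        while events and now - events[0][0] > window:
            events.popleft()
        # Each packet alone looks harmless; the pattern across ports does not
        if len({p for _, p in events}) > max_ports:
            flagged[src] = now
    return flagged


if __name__ == "__main__":
    for src, when in detect_port_scans(SAMPLE_LOG).items():
        print(f"{when.isoformat()} BLOCK {src} (port scan behaviour)")
```

The source that repeatedly visits port 443 and the one that tries two ports fifteen minutes apart are left alone; only the rapid sweep across five ports is flagged.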

A VPN, or Virtual Private Network, allows users who are off-site, away from the main network, to log in securely and access network resources (such as shared files and folders). VPN connections utilize encryption, so the traffic that is sent back and forth isn’t in plain view over the internet. This is an absolute must-have for organizations that need off-site access to their network.

Finally, security logging. Everything that the UTM does can be logged and filed. This includes intrusion attempts, successful VPN connections, etc. This allows for easy auditing, should anything ever occur.

These are just some of the features that modern-day UTMs provide. More importantly, many UTMs aren’t that expensive. A few hundred dollars will get you a basic entry-level model. Remember, do not trust your network security to a home-based WiFi router; you will end up regretting it.

Author

Martin Lehner

Martin Lehner is a technology professional working for an IT services firm in Whitehorse, Yukon (Canada). He has been working in the technology field for over a decade. With a degree in Business Admin and numerous industry certifications, Martin leads a team of IT professionals that provide third-party support for clients. Originally starting a company to offer web development services, Martin quickly realized that clients wanted the entire spectrum of technology services. When Martin is not at work (which is not often, since his company offers 24/7 support), he is busy at home spending time with his family.
