
The 6 Required Components of a Good UTM Device

Introduction

Thanks to recent developments in the network security space, there are now products that serve as all-in-one gateway security devices. These Unified Threat Management (UTM) appliances are fast removing the need for multiple products from multiple vendors. What should you look for in a UTM device? Here are the most important features.

Analysis


1.    Firewall.   Even the simplest gateway devices, like Linksys, have firewall capabilities. The important thing is that they be easy to configure and understand.  They should have a simple web interface and they should be turned on!
2.    Content URL filtering.  This is the most important and powerful add-on functionality of a UTM device.  With it you select categories of websites you want to block.  For most small businesses blocking access to pornography, hate, and gambling sites is critical.  You will avoid possible legal complications and avoid many attempted “drive-by downloads” of malware.
3.    Anti-virus.  You already have pretty good AV on your computer (don’t you?) but filtering viruses at your gateway is an added layer of defense. It also protects your email server from having to handle the extra load.
4.    Anti-spam.  Same advantage as the AV.  One more place to stop spam and protect your email servers from working too hard.
5.    Anti-worm. Usually called Intrusion Prevention (IPS), this feature blocks the spread of worms and targeted attacks. Very important.
6.    WiFi.   Most UTM vendors have solutions that incorporate a WiFi access point.  This puts your wireless access behind your firewall and gives you a single console for managing it.  

There are other features that could be of use.  SSL VPN is often included, allowing you to use SSL to connect back to the office when you are on the road.  Automatic fail-over to a second box can be useful if you are worried about 24x7 connectivity.  Routing and load balancing across multiple ISPs is another feature.  Port density is another concern if you have multiple LAN segments in your office.



Conclusion

Finally, it is critical to have a good management console that makes it easy to understand your current configuration and quickly change it, as well as to examine logs of activity on your network.

With the six features covered here you will have gone a long way toward protecting your office against most network-borne attacks.

 
Lots more coming on this hot topic!

Disclosures and References

The author was an executive at a UTM vendor from 2006-2008. He holds no equity in that vendor or any vendor for that matter.
