Posted by: Tony Bradley
antimalware, IP communications, Networking, Security, Unified Threat Management, UTM, VoIP
It seems that the world of information technology and information security is pursuing a path to harmony and cooperation. The current buzz word is “unity”. We have unified communications- converging IP networking, email, voicemail, voice communications, and instant messaging to provide an integrated communications framework. Another area of unity is in threat management. Traditionally, organizations have a variety of separate security devices and applications. They may have a firewall appliance at the perimeter, with some sort of IDS or IPS appliance between the firewall and the network. They may have an antimalware appliance, or have some antimalware software installed on email gateway servers. Perhaps, they even have an antispam appliance or application.
There are advantages to having multiple vendors and technologies. There is no single point of security failure. If a product from one vendor fails, hopefully one of the other layers will pick up the slack. But, there are a number of disadvantages as well. Multiple appliances or scanning engines means multiple points of latency or delay in transporting the network traffic. It means that information security personnel have to administer and monitor more devices. The information gathered and threats detected by the various technologies is generally not correlated in any way to paint the big picture of the state of network security.
With a UTM (Unified Threat Management) appliance, all of these security technologies are wrapped up in a single appliance. A UTM appliance is typically cheaper than the sum of its parts, easier to implement, configure and administer, and capable of viewing the entire security posture more holistically. For more about UTM, check out this article from SearchNetworking: Network Security: Using Unified Threat Management.