IT Trenches

May 7 2009   7:33PM GMT

Is unified threat management defense in depth?

Troy Tate Profile: Troy Tate

An ITKE poster recently asked a great question.

Experts tout unified threat management appliances as an ideal antimalware, intrusion prevention and content filtering firewall for midmarket companies. But doesn’t this counter the long-standing security practice of defense-in-depth? With a one vendor, platform, and management console, aren’t we talking about a dangerous single point of failure?

When is UTM good enough? When should we go with standalone devices?

Here’s the answer that I offered:

Actually it is defense in depth even though they are all contained on one appliance or device. Think about the layers in a bullet proof vest. They each work in tandem to prevent damage to the person wearing it. However just one type of layer by itself would likely not be enough protection against certain firearms.

Granted it is a single point of failure, but the ability to manage an entire suite of services from one console is attractive to many smaller organizations that may not be able to provide the care and feeding of single purpose devices. The ability of a vendor to patch the entire product suite against vulnerabilities is another good reason to go to a UTM device. If using multiple devices from different vendors, then the vulnerability exposure could potentially be greater if one vendor addresses a vulnerability in their appliance/service but another does not.

I would go to standalone devices if the potential threat to my organization could create capacity/performance issues on the UTM device.

How do you think about the UTM vs defense in depth issue? Do you agree with the answer I offered? What do you think?

Thanks for reading and let’s continue to be good network citizens.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: