Defense in depth and unified threat management appliances

Intrusion detection
Midmarket security
Single Point of Failure
Unified Threat Management
Experts tout unified threat management appliances as an ideal antimalware, intrusion prevention and content filtering firewall for midmarket companies. But doesn't this counter the long-standing security practice of defense-in-depth? With a one vendor, platform, and management console, aren't we talking about a dangerous single point of failure? When is UTM good enough? When should we go with standalone devices?

Answer Wiki

Thanks. We'll let you know when a new response is added.

Actually it is defense in depth even though they are all contained on one appliance or device. Think about the layers in a bullet proof vest. They each work in tandem to prevent damage to the person wearing it. However just one type of layer by itself would likely not be enough protection against certain firearms.

Granted it is a single point of failure, but the ability to manage an entire suite of services from one console is attractive to many smaller organizations that may not be able to provide the care and feeding of single purpose devices. The ability of a vendor to patch the entire product suite against vulnerabilities is another good reason to go to a UTM device. If using multiple devices from different vendors, then the vulnerability exposure could potentially be greater if one vendor addresses a vulnerability in their appliance/service but another does not.

I would go to standalone devices if the potential threat to my organization could create capacity/performance issues on the UTM device.

In the IT trenches? So am I – read my IT-Trenches blog.

Discuss This Question: 1  Reply

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when members answer or reply to this question.
  • Kevin Beaver
    This is definitely a single point of failure but it may be worth the risk given the overhead of managing multiple systems like Labnuke99 says. Everyone's situation is unique but I recommend this type of system to SMBs quite often.
    27,520 pointsBadges:

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

To follow this tag...

There was an error processing your information. Please try again later.

Thanks! We'll email you when relevant content is added and updated.


Share this item with your network: