Security Basics mailing list archives
Re: UTM
From: Tsu <tsudohnimh () gmail com>
Date: Wed, 18 Apr 2007 12:43:01 -0500
UTM's can be good solutions depending on the size and needs of the network. Regardless of the vendor there are always concessions in a all-in-one box solution. I'm a big fan of Watchguard products and their UTM solutions are very good. I will say that their antispam offerings are not as granular as I prefer because it relies on Commtouch 's spam database. The other issue is performance, the more services and protections you add to an appliance the longer rule processing takes and in turn you get slower performance. If you can accept these drawbacks then UTM's are probably a good fit. If you have a smaller network 40 users or less then I'd recommend looking into Watchguard's Edge devices for larger networks you should consider their core line of appliances. The old axium of "jack of all trades, master of none" applies to this discussion. Can you find best of breed independent solutions for antispam, IPS, antivirus, firewall... etc...? Yes but it may take you $50,000 to get the best of each category. A UTM can provide acceptable protection for a fraction of that cost. The other consideration is that a UTM provides a single management interface and reduces the complexity and learning curve of administrating the device. If you are interested in Watchguard check out Edges - http://www.watchguard.com/products/edge-e.asp Core - http://www.watchguard.com/products/core-e.asp -- tsudohnimh www.knowthenetwork.com