Unified Threat Management, Demystified
Considering unified threat management (UTM) appliances that combine many security jobs? Here's some advice from CIOs who've tried these all-in-wonders on for size.
His security defenses are complex and multi-layered; and while simplicity is generally a good thing, it's not Vordick's priority. "Our philosophy is defense in depth. That means looking at multiple (security) products from multiple vendors. We can not be dependent on any one layer," he says.
Not every CIO has the same worries as Vordick, of course. But as regulations like SOX and PCI standards place increasing demands on IT's security capabilities, more and more companies are choosing to simplify network defense by using a security appliance that combines hardware, software, and networking technologies. U.S. companies spent $3.85 billion on network security appliances in 2006, an expenditure expected to nearly double by 2011, according to market researcher IDC.
As USEC designed its security architecture, Vordick and his team had a wealth of options. They could have chosen to install one or more UTM (unified threat management) appliances, devices that handle multiple threats from a single chassis, or opted for a series of single function, best of breed appliances.
USEC choose a best-of-breed database security appliance by Guardium, plus point products from other vendors, largely because the defense in depth strategy meant that the convenience of deploying and managing a single device was outweighed by the fear of creating a single point of failure, Vordick says. Moreover, USEC sought a security appliance that would serve as a check on IT employees with privileged database access who might seek to view or change data without proper authorization, an atypical function for a UTM.
The choices regarding network security appliances are complex, but your decision won't just come down to a technology issue, says John South, senior security consultant for Plexent, a Dallas-based IT service management company. "The real question is how do we get our business done and still protect the corporation?" he asks.
Here are some of the issues South suggests you consider regarding security appliances: How does security fit into my overall architecture, and where is the boundary of my network? How many people will it take to support my choice; do I have the staff or can I count on support from the vendor? If I choose a UTM, do I know that the services are well integrated and the device is ultra-reliable; if I choose a series of point products, will the overall solution be able to handle a blended threat, and do the separate devices work well together? Does the appliance, best of breed or UTM, offer adequate reporting capabilities?
unified threat management
Receive the latest security news as it breaks.
