UTMs becoming universal
Peter Stephenson, technology editor, SC Magazine
UTMs – universal threat management systems – probably are the poster product for convergence in the information security space. What started out as an evolution from multipurpose devices some years back has morphed into a well-defined product that now has morphed again into a catch-all for security functionality.
Conventional wisdom says that you should consider your network compromised and worry now about how to keep the family jewels in the family. Today's batch of UTMs can help with that. They help by enabling the common sense defenses that we know we should deploy if only we had the tools to implement them.
For example, assuming that your enterprise has been compromised, the next task is to detect data exfiltration. If a firewall is part of the UTM functionality, we now accept that it needs to look at traffic in both directions, not just penetration attempts from outside. If anti-malware is part of the functionality, it needs to see malware that is brought in by user carelessness or other client-side attack.
This month, SC Labs Manager Mike Stephenson took half the products and Kevin O'Connor took the rest. It was an interesting batch, to be sure. In addition, I looked at four very cool products in our periodic Emerging Products group. This time it's security for virtual environments. While we all probably would agree that the cloud is virtual, it does not stand that all virtual systems are clouds.
There are multiple ways to secure a virtual system. Some hook into VMware's API, but some don't, and, while one might think that the API is necessary to provide good security, this month you'll find out that it's not always necessary to hook directly into the VMware kernel. Spending a lot of my time in a virtual environment has taught me that the world – while most of it may be VMware – has more than one virtual environment. Those other environments need securing too. Most of the products in our Emerging Product group address the popular virtual systems and are hypervisor agnostic.
I think that there is a lot to like this month – that generally is the case here – and I also think that this month we really have hit some of the most timely product types around. Enjoy!