SC Labs took another look at several Unified Threat Management (UTM) products this month and we were impressed with the continued trajectory of innovation. The combination of UTM and NGFW (Next-Generation Firewall) capabilities has solidified the unification of these previously disparate systems into a singular powerhouse tool.
Analysts and administrators may now enjoy the centralized management of firewall capabilities alongside advanced threat protection and anti-malware measures and automated threat response, in a single threat management device. These advancements continue pushing these platforms even closer toward becoming “next-generation” SIEMs.
UTMs are must-have investments. They aggregate an array of threat intelligence and network/device information then display it in a single pane of glass, maximizing the value of existing security investments, overall network and environment visibility and productivity and efficiency of security teams. Extensive and sophisticated reporting operations drive insights even further with concise summaries and information breakdowns capable of adding value for technical personnel, executives and everyone in between. For security teams struggling to cope with alert fatigue and managing an unmanageable number of different security investments, one of these tools may fit the bill.
SC Labs reviewed a handful of Unified Threat Management (UTM) solutions this month. These products have seen a lot of continued growth and evolution with the enhancement and addition of more features and capabilities tacked onto these multi-layer threat prevention tools. UTMs should absolutely be considered a staple in every company’s security toolset.
Information security has become more important and complex than ever as more people work-from-home because of COVID19. Security teams were already buckling under the weight of too many security products, unrelenting cyberattacks and an industry-wide skill shortage. In some cases, the features offered with these products may even replace certain stand-alone environments and consolidate the same capabilities into a single device. The pandemic has only underscored these shortcomings and pitfalls and highlighted the importance of solution-focused security tools to enhance security teams and existing investments. Some UTM products include SSL VPN access for the remote workforce, emphasizing their relevance in the current climate.
The innovation within these UTM products are driving the benefits of firewalls further with a focus of seamless interoperability with other solutions and overall optimization of network performance. Some of the products we assessed this month even include bandwidth management with failover rules administrators may configure to maximize network performance and offer superior control with traffic shaping.
Extensive threat protection has also been bundled into these products, including advanced threat protection, malware detection and sandboxing capabilities layered on top of the typical UTM offerings such as IPS functionality and web content filtering. There are vast numbers of rules that administrators may configure to reduce the manual overhead of security in general and introduce automation into their environments. Many of these products offer threat hunting capabilities as well, aggregating data from various sources, enriching it with threat intelligence information and displaying it all in an easily digestible, single pane of glass.
These products come with large feature sets, making them dramatically impactful to any organization. They seamlessly unify your existing security investments and offer enriched, actionable data viewable through a single pane of glass. Optimizing network performance and providing deep insights with deep packet inspection, traffic monitoring and statis/dynamic file analysis drives the value of these products. Administrators and security teams can expect to see a reduction in alert fatigue as well as increased productivity and effectiveness when deploying one of these products.
The products also offer multiple reporting options. Predefined reports and out-of-the-box dashboards serve as a quick and easy way to pull whichever desired information into a concise summary that flows into detailed breakdowns that are digestible for technical personnel and executives alike. The UTMs feature centralized, simplified management and any organization that adopts one can and should expect a respectable return-on-investment.
Pick of the Litter
We found the WatchGuard Firebox T80 an easy-to-use UTM product that offers fast performance and extensive visibility at an affordable price. This efficiency combined with the no-cost, industry-leading, 24/7 pre- and post-sale support to ensure customer success makes this product an SC Labs Best Buy.
Fortinet FortiGate is a comprehensive next-generation firewall that meets the performance and security needs of hybrid IT architectures. This combined with the unparalleled security effectiveness and flexibility of the platform that offers seamless scalability to let customers respond to threats based on their specific needs and environments makes this elite solution our SC Labs Recommended product for this month’s round of testing.
Click on the chart for the full-size version: