Critical Infrastructure Security

UTMs becoming universal

UTMs – universal threat management systems – probably are the poster product for convergence in the information security space. What started out as an evolution from multipurpose devices some years back has morphed into a well-defined product that now has morphed again into a catch-all for security functionality. 

Conventional wisdom says that you should consider your network compromised and worry now about how to keep the family jewels in the family. Today's batch of UTMs can help with that. They help by enabling the common sense defenses that we know we should deploy if only we had the tools to implement them. 

For example, assuming that your enterprise has been compromised, the next task is to detect data exfiltration. If a firewall is part of the UTM functionality, we now accept that it needs to look at traffic in both directions, not just penetration attempts from outside. If anti-malware is part of the functionality, it needs to see malware that is brought in by user carelessness or other client-side attack.

This month, SC Labs Manager Mike Stephenson took half the products and Kevin O'Connor took the rest. It was an interesting batch, to be sure. In addition, I looked at four very cool products in our periodic Emerging Products group. This time it's security for virtual environments. While we all probably would agree that the cloud is virtual, it does not stand that all virtual systems are clouds. 

There are multiple ways to secure a virtual system. Some hook into VMware's API, but some don't, and, while one might think that the API is necessary to provide good security, this month you'll find out that it's not always necessary to hook directly into the VMware kernel. Spending a lot of my time in a virtual environment has taught me that the world – while most of it may be VMware – has more than one virtual environment. Those other environments need securing too. Most of the products in our Emerging Product group address the popular virtual systems and are hypervisor agnostic.

I think that there is a lot to like this month – that generally is the case here – and I also think that this month we really have hit some of the most timely product types around. Enjoy!

Related

Third-party ransomware attack threatens Sweden’s liquor supply

Swedish government-owned liquor retailer Systembolaget, which is the country's lone vendor of alcoholic beverages, has warned of a shortage of some beers, wines, and spirits across the country following a ransomware attack against its distributor Skanlog, which its CEO Mona Zuko has attributed to a North Korean state-sponsored threat operation, according to The Record, a news site by cybersecurity firm Recorded Future.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.