- Market surges, Gates predicts 9% unemployment
- Obama the first presidential hopeful to advertise in games
- Microsoft reveals critical holes in Active Directory
- BlackBerry Storm vs. the iPhone
- How will economy affect network equipment vendors?
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:Application Performance Solutions | App Performance | Networking Solution | SafeGuard Enterprise Solution Center | SOA | Test your Web Filter | Value of WDS
I just finished a hellishly large test for Network World of enterprise-class UTM firewalls. You’ll be able to read the full results in print and online Nov. 5. One of the tough questions I had to wrestle with is the definition of UTM when it comes to these gigabit behemoths.
In the SMB environment, UTM is pretty easy: firewall, antivirus, maybe IPS and antispam, content filtering, a handful of VPN tunnels. But at the enterprise level, it’s nowhere near as clear. I talked to a lot of my consulting clients, and while some were interested in some UTM features — IPS mostly — there was a lot of hesitation about piling anything new on top of existing firewalls.
Some of that fear is well-founded. For example, in the area of antivirus, most firewalls (SonicWall’s PRO is an exception) scan only a handful of protocols on predefined ports. You’re not scanning nonstandard protocols; you’re not scanning nonstandard ports; you’re not scanning encrypted traffic. Sure, there’s some value there, but is the value great enough to make it worth the cost and performance hit?
My conclusion is that the most likely scenario for additional protection in the enterprise firewall is going to be IPS, a natural and complementary technology. By coincidence, last week Gartner released its most recent “Magic Quadrant” on enterprise firewalls with a similar conclusion. Of course, Gartner had to create a new term for it, specifically tossing UTM to the SMB and branch-office market and calling these enterprise-sized devices Next-Generation Firewalls. But the conclusion is the same: At the high end, the norm for UTM will be IPS and not much else.
Rss FeedRss Feed
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment