When it comes to security devices, there are a lot more decisions to make than there used to be. Features that used to be market differentiators are now a given even on low-end commodity appliances, homogenizing offerings over the last few years. Market leaders have responded by adding new features and technologies to create what are now often referred to as Unified Threat Management (UTM) or Next-Generation Firewalls (NGFW).
So, what are these mythical creatures, what are they good for, who should consider them and why are they named after now-defunct space fantasy shows?
All valid questions. I’m glad I asked them on your behalf, and I’ll be happy to answer myself for you.
In a nutshell, these firewalls are designed to combine the function of numerous security technologies inside a single device. In addition to traditional firewall rules, you may find such features as:
In many respects, firewalls are an ideal point for inspection of data since they already inspect most, if not all, traffic in an organization. These hybrid devices tend to be very attractive from a pricing standpoint when compared to the cost of buying separate solutions for each technology. They can help simplify complicated designs by reducing the number of nodes that traffic must be sent through, and they may offer a more manageable learning curve for leanly staffed organizations.
For all that these devices can do, there are a few critical things to bear in mind before running out to buy one for your environment. Packing all these features into a single box can have some downsides, too.
Performing all these operations generally means higher latency and significantly higher requirements for system resources, particularly RAM and CPU. An overtaxed box can behave unexpectedly and either impact performance negatively or allow uninspected traffic to pass.
Another thing to remember is that firewall manufacturers may have a lot of experience with firewalls, but these other technologies are not firewalls. Your chosen vendor may not have much experience with these added features. So, you might have to accept some tradeoffs in terms of protection compared to a best-of-breed approach.
Beware of optimistic performance metrics and other overstated claims. It is important to look and ask around before moving forward with one of these devices.
There’s no formula for determining if an organization is a good candidate for UTM/NG firewalls, but here are a few questions to help determine if you are NOT a good candidate:
If you answer ‘yes’ to more than a couple of these questions, UTM/NG firewalls may not be suitable for your data protection needs. But unless you know for sure they will not work for you (and why would you be reading this if you were?), they are certainly worth a look.