What is Unified Threat Management (UTM)?
What is Unified Threat Management (UTM)?
Unified Threat Management (UTM) is a collection of functions that capture threats at various stages of infiltration. This suite of tools works to protect customers against attacks and losses from cyberthreats including spam, viruses, ransomware, botnets and more.
What is a Unified Threat Management (UTM) firewall?
A UTM firewall is a comprehensive software solution that combines multiple security features into a single unified system with out-of-the-box policies, simplifying management and reducing the complexity of deploying multiple security solutions. Most UTM firewalls have functionalities like Intrusion Detection and Prevention System (IDPS), antivirus, antimalware, web filtering, Data Loss Prevention (DLP) and basic firewall features like packet filtering, stateful inspection and access control.
What are the benefits of a Unified Threat Management (UTM) solution?
Businesses of all sizes use UTM solutions to provide these key benefits:
- Centralized Integration and Management – A network security system contains multiple components (such as firewall, application control, among others) that can be cumbersome to control separately. UTM offers a framework that consolidates all the functions of the security system under one management console. This makes the system easier to monitor and gives operators the ability to pinpoint specific components of the UTM that may need attention for specific functions. Centralized security control allows businesses to monitor multiple threats affecting different components of your system simultaneously.
- Adaptability and Flexibility – UTM offers a wide array of security technologies from which organizations can pick and choose what is most relevant to them. There is also the option to acquire a single licensing model with all the technologies included which helps avoid the purchase of multiple modules which can be difficult to manage. Constant updates ensure that an organization’s system is always current and equipped to provide effective security from threats.
- Cost-efficiency – Organizations can benefit with significant cost savings by consolidating their network security management. A centralized framework reduces the number of devices that are needed, as well as the number of staff that were previously required to manage multiple devices.
- Increased Awareness of Security Threats – The combination of a UTM’s centralization and faster operation results in an increased awareness of network security threats, enabling you to implement advanced threat protection (ATP). This equips your IT team to better manage advanced persistent threats (APTs) and other modern cyber threats.
- Increased Threat Response Time – Integration of security functions under UTM allows for the coordination of functionality across various platforms. This allows for faster and streamlined processing of data while reducing resources required for threat inspection. This efficiency allows for network resources to be allocated to the needs of your business, such as resource-heavy applications, without compromising performance.
How does a Unified Threat Management (UTM) solution work?
A UTM solution identifies threats to an organizations’ network by using two inspection methods that address different types of threats:
- Flow-based inspection. Flow-based inspection, also known as stream-based inspection, samples data that enters a network security device, such as a firewall or IPS. The devices inspect the data for malicious activity, such as viruses, intrusions and other hacking attempts.
- Proxy-based inspection. Proxy-based inspection is a network security technique that can be used to examine the contents of packets that pass into and out of a network security device, such as a firewall, IPS or VPN server. By using a proxy server to inspect these packets, the network security device can act as a proxy to reconstruct the content entering the device.
What are the features of a Unified Threat Management (UTM) solution?
UTM solution features typically include:
- Antispam – Antispam detects unwanted and malicious emails with global spam filtering that uses sender IP reputation and spam signatures.
- Web Filtering – Web filtering blocks traffic to specific sites and domains that fit certain content types that are deemed as malicious. These settings can also be customized to filter out sites that make employees less productive.
- Antivirus – Antivirus software detects, neutralizes and removes malware programs. Some providers like Sangoma use patented techniques to remove hundreds of thousands of malware programs.
- Botnet and Domain Reputation – IP and domain address reputation tools block botnet command and control communication attempts daily. For reference, a botnet is a network of devices infected with malicious software and controlled as a group to send spam messages, initiate distributed denial-of-service (DDoS) attacks and steal date.
- App Control and Intrusion Prevention System (IPS) – An intrusion prevention system (IPS) is a network security tool that continuously monitors a network for malicious activity and takes action to prevent it, including reporting, blocking or dropping the activity. Sangoma’s IPS service has blocked over 470,000 network intrusions with new IPS signatures deployed daily.
Managed Unified Threat Management (UTM) Services by Sangoma
Sangoma’s UTM service is designed to protect single and multi-location businesses from unwanted and malicious traffic coming into their environment. It includes advanced security features like antispam, web filtering, antivirus, app control, intrusion prevention and botnet blocking. The best part is that our service is a fully managed firewall solution, so that businesses offload all their security measures onto the Sangoma cloud network operations team, putting the responsibility and effort on us to ensure your networks are secured.
To learn more about Sangoma’s Managed Unified Threat Management Services, please visit Managed Network
If you have any questions, don’t hesitate to get in touch with our team. We’re here to help guide you through the decision-making process and ensure you find the best solution for your business.