Networking

09:42 AM
Connect Directly
RSS
E-Mail
50%
50%

The Case For Remote Office Unified Threat Management

Unified threat management (UTM) devices are becoming an important consideration for branch office security as enterprises look to balance cost restraints and the ever-increasing bandwidth requirements spurred by performance-sensitive, low-latency applications such as VoIP and video across the WAN. Most typically, enterprises backhaul traffic to central locations where they apply security controls such as firewalling, intrusion prevention, AV and anti-spam--the so-called hub and spoke architectur

Unified threat management (UTM) devices are becoming an important consideration for branch office security as enterprises look to balance cost restraints and the ever-increasing bandwidth requirements spurred by performance-sensitive, low-latency applications such as VoIP and video across the WAN. Most typically, enterprises backhaul traffic to central locations where they apply security controls such as firewalling, intrusion prevention, AV and anti-spam--the so-called hub and spoke architecture--and enforce security. An increasingly popular option is to manage essential corporate application and services traffic over the private network and provide low-cost, commodity direct Internet access at the branch. But that exposes branch offices and their users to all kinds of threats, as corporate security doesn't move out to the branches with the Internet access. That's where UTM comes in.

"Having servers at branch and doing things like replicating databases--that way of thinking is the old way of doing applications," said Scott Lucas, director of product marketing of Juniper. "Enterprises are moving back to the central data center for general economies and giving people access across network itself." That requires spending a fair amount of money, for example, buying MPLS circuits from a service provider to get the bandwidth you need.

Backhauling Internet traffic and retransmitting it makes little sense if you have more than a few branch offices, said Joel Snyder, senior partner at consultancy Opus One. You're either paying to get it on the private network--"the worst case"--or transmitting it on the public network twice, once encrypted in the tunnel on the private network and then to the Internet. "I see fewer people trying to backhaul Internet traffic to a central site, and that means greater demand for UTM in the branch," said Snyder. "Also, as people build more mesh networks as opposed to hub and spoke, they are worried about infected sites infecting other internal sites on these more highly interconnected networks."

UTM has replaced traditional firewalls in SMBs and branch offices. Typically, UTM appliances offer firewall/VPN at base and an assortment of optional security modules, starting with IPS and including, in most cases, anti-virus, some form of URL filtering and sometimes anti-spam. IPS is probably the most important security module, since directly accessed traffic is no longer run through your HQ IPS, but don't expect it to match the security capabilities of your high-end data center boxes.

"It's IPS light," said Snyder. "You're not getting the same strength of signatures as on a dedicated IPS box. You're not going to catch a lot of stuff." The analytics and management capabilities are weaker as well. The IPS management consoles in UTMs are almost universally poor. "When push comes to shove, how am I going to configure and manage the IPS and handle alerts. There is just no good answer with UTM. So, you lower your expectations," Snyder says.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Hot Topics
14
White-Box Switches: Are You Ready?
Tom Hollingsworth 7/28/2014
7
Understanding IPv6: Link-Local 'Magic'
Denise Fishburne, Cisco Champion,  7/24/2014
5
Fall IT Events: On The Road Again With 10 Top Picks
James M. Connolly, Editor in Chief, The Enterprise Cloud Site,  7/29/2014
White Papers
Register for Network Computing Newsletters
Cartoon
Current Issue
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Video
Slideshows
Twitter Feed