The Downside of All-in-One Security

Unified Threat Management (UTM) products combine multiple security functions, such as firewall, content inspection and antivirus, into a single appliance. The assumption is UTM reduces management hassles by reducing the hardware in your security infrastructure ... but you know what happens when you assume.

You can slow the spread of security appliances by collapsing many devices into one, but most organizations struggle to manage the applications themselves, not the hardware that runs them. Content inspection, antivirus and firewall are all generally controlled by different crowds in the enterprise, which means some arm-wrestling to determine who maintains the UTM solution.

Then there's bundling. Some vendors support best-of-breed security apps, giving you a wider choice. However, each application has to crack packets individually--which affects performance. Other vendors tweak performance by tightly integrating apps, but you're stuck with the software they've chosen or developed.

For now, the single platform model isn't right for enterprises large enough to have a security staff. That said, the sprawl created by existing infrastructure can't go on forever--there is a limit to the number of security-only ports you can throw into the network. UTM will come eventually--just not today. --Don MacVittie, [email protected]