Lead

UTM vs. Standalone

Vinita Gupta focuses on the UTM market in India and analyzes the future of standalone security products

Unified Threat Management (UTM) has already started outgrowing the point security solution segment. The fast-paced transition from point to integrated security appliances is largely due to the cost-effectiveness and ease of manageability of UTM devices. Traditional software-based point products require fast and often dedicated servers on which to run, and are not only complex to manage but also require investment in technical staff to operate. The inconvenience of dealing with multiple annual maintenance contracts, patches, upgrades, licensing of standalone products, etc., add to the complexity.

According to IDC, the worldwide UTM market will be worth $2 billion by 2008 and UTM security systems will outgrow the traditional firewall/VPN appliances sector garnering 58% of the overall market. This is largely because UTM integrates multiple security features like anti-virus, firewall, intrusion detection and prevention systems into a single appliance.

Growth of UTM

UTM systems have been around in one form or another since the start of the decade. It’s only in the past few years that the technology has entered the mainstream IT security market, largely due to the development of relatively low-cost, rack-mounted appliances with high processing power.

However, the trend is towards convergence, which has helped in the evolution and emergence of UTM as the preferred choice that combines many technologies like AV, AS IDP and firewall, working in tandem on a single platform.

According to Frost and Sullivan, the integrated security appliance market in India was growing at a CAGR of 30.2% and was expected to reach $32.5 million in 2007, with a growth of nearly 70% over 2006. However, the first half of 2007 has already seen integrated security appliance revenues cross $17.5 million.

The market for integrated security appliances is picking up for many reasons. In this age of increasingly sophisticated blended threats, security gear is required to be much more intelligent in the way that it analyzes the various network and content-based traffic at the gateway and UTM acts as a trigger to address this concern, revealed Shubhomoy Biswas, Country Manager-India, SonicWALL.

Biswas added, “SMBs have been the driving force in the adoption of UTM appliances. We have seen a lot of demand in tier-II and tier-III cities. We have seen several large enterprises breakup their networks; decentralizing them into smaller networks and deploying UTM systems. Customers can recover their investment on security appliance in the first three months of deployment solely on savings on manpower and licensing cost.”

“UTM is a compelling and natural consolidation point in the evolution of information asset protection. Part technology and part packaging, it responds to the growing challenge of protecting information assets to help corporations meet the regulatory compliance needs of the 21st century,” said Digvijaysinh Chudasama, VP Sales, Cyberoam.

Effect on standalone devices

UTM appliances can sit on the edge or at the center of a company’s IT systems and run a variety of IT security applications, including a stateful inspection firewall, intrusion-detection software and a blend of anti-virus, anti-spam, anti-spyware, and content-filtering applications. Apart from integrating traditionally separate security services into a single device, UTM appliances also offer streamlined access to IT security policies and reporting.

Some companies are only using UTM for firewall, and VPN and standalone devices for protection against viruses, spam and other threats. UTM and standalone devices will continue to co-exist.

Rajendra Dhavale, Director-Technical Sales, CA India said, “The biggest disadvantage with UTM is that it can lead to single point of failure. Organizations are therefore using UTM, along with standalone appliances.”

UTM appliances have captured 12% of the market, while firewall /VPNs have fallen from 87% of the marketplace to 70%. UTM appliances are expected to account for the biggest chunk of the Indian market by 2008, mentioned Anand Iyer, President Marketing, Gajshield. He added, “Point products do not provide sufficient, timely and unified protection against today’s threats. It is difficult for them to keep up with and protect against complicated threats. Moreover they are difficult to deploy.”

Bhaskar Bakthavatsalu, Country Sales Manager, Check Point Software Technologies, India and SAARC believed that, point solutions would not vanish from the face of the network. “The future would see the emergence of single gateways. Over the years, VPN has become an integral part of the firewall,” he asserted. Next generation firewalls have intrusion prevention being integrated into the gateway as well. At the endpoint, enterprises would see personal firewall, anti-virus, anti-spyware NAC and VPN being integrated into a single agent.

According to Wing Fei Chia, Security Response Team Manager, F-Secure Corporation, UTM has already outgrown the traditional firewall/VPN appliances to meet the needs of the ever-growing and complex networks that are out there today. He said, “The future of standalone devices like anti-virus, firewall, and intrusion detection and prevention systems is that they will possibly end up in a museum one fine day, just like the 8” and 5.25” floppy disk.”

Sunil Sapra, Country Manager - India/SAARC, Watchguard Technologies revealed that WatchGuard only provides UTM solutions, and in the year 2006-2007 it saw 70% growth. This clearly showed that people are really going for UTM as it utilizes a real-time engine to deliver maximum internal and external network protection for corporate central sites, distributed environments and data centers. Sapra said, “Security compliance is becoming important for companies. UTM can help organizations in receiving security certifications.”

Paul Henry, Vice-president of Technology Evangelism, Secure Computing felt that standalone devices will always be around in the peripheral edges of the security market. “This is primarily so because there will be pockets of IT professionals who choose to believe in standalone security solutions as against all-in-one security devices,” stated Henry.

Next generation UTMs

Virtualization technologies already incorporated in UTM devices enable administrators to assign different virtual UTM devices to network segments or user groups. The entire system can then be managed through a single interface. Virtualization essentially simulates having multiple devices on the network, without the overhead and complexity of physically doing so.

Next-generation UTMs enable updates to be administered across functionalities and sites at the click of a button. Reporting is another major function that is lacking in most appliances. These days, the best UTM devices are equipped with advanced reporting features that enable network administrators to keep real-time tabs on overall performance. Provided the devices offer adequate extensibility and a good centralized management tool, the reporting interface should be able to deliver information about every security feature.

Now the trend in integrated security appliances is to look at solutions that can together protect external and internal threats.

Chudasama said, “The third generation of UTM solutions is capable of fighting increasingly complex blended threats in real-time without compromising on performance. The integration of identity controls in UTM ensures total protection against rising internal threats by identifying who is doing what in the network.”

In this age of convergence, UTM is here to stay and evolve as per the changing threat scenario and security needs. UTM appliances are already on logical evolution path where they have co-opted standalone devices. Of course, UTM systems with the capability to stay a step ahead of emerging threats through constant innovation and R&D efforts stand a better chance of ending up on top.

vinita.gupta@expressindia.com