Unified threat management (UTM) is a universal software or hardware firewall solution integrated with an IPS (intrusion prevention system) and other security services. In essence, a UTM system is a multifunctional gateway providing all-in-one protection against network threats.
The term was introduced in 2004 by analytics company IDC. Gartner designates UTM a security system used primarily in small and medium-size businesses. An alternative to UTM, NGFWs (next-generation firewalls) are advanced firewalls with IPS capability as well as user and application control systems.
What UTMs include
Initially developed as standalone solutions, when integrated into a single system, UTM components’ number and capabilities can vary. As a rule, UTMs comprise:
- Firewall,
- IPS,
- DLP,
- Traffic, routing, and bandwidth management system,
- Antivirus,
- Spam filter,
- Web traffic content analyzer,
- VPN.
Pros and cons of UTMs
UTMs enable the management of network security through a single, all-in-one solution, greatly simplifying the task. In comparison with conventional firewalls, such systems can detect and block more sophisticated attacks.
On the negative side, UTM malfunctions can cause all security services to fail at once. For this reason, having a backup gateway in the network is recommended. A further disadvantage of UTMs is their low performance, a result of the large number of tasks the gateways have to handle.