M&A activity will increase in the unified threat management market between 2013 and 2016, according to a new report by Frost & Sullivan. The report also forecasts that the market will grow to more than 17 percent from 2011 to 2016. Chris Rodriguez, a senior industry analyst at Frost & Sullivan, said UTM prices increased 3 percent in 2011 and projected prices to grow the most in 2012.

UTM appliances typically provide firewall, antivirus, content and email filtering, intrusion prevention and application control in a single package. Distributors account for more than 75 percent of UTM appliance sales in North and South America, but Rodriguez added that VARs such as FishNet Security are critical for UTM market penetration into industry verticals. The top three competitors, Fortinet, Check Point and Dell-SonicWall, hold nearly 49-percent market share, according to the analysis.

Continue on to see to keep an eye on this year as the competition starts heating up in the UTM security appliances space.

Seattle-based WatchGuard also sells its products to the midmarket, but recently introduced an appliance for larger enterprises.

"WatchGuard follows a completely partner first model," said Frost & Sullivan's Rodriguez. "It allows them to deliver a little best-of-breed from one vendor together."

Its appliances can support from 240 Mbps to 20 Gbps of firewall throughput. The newly introduced XTM 8 Series supports the high firewall throughput and includes load balancing, dynamic routing, VLAN support and multi-WAN failover. The appliances support denial-of-service protection, intrusion prevention and VPN capabilities. Optional subscriptions are provided for application control, antispam, antivirus and URL filtering.

Fortinet sells 23 different models of UTM appliances ranging from 20 Mbps to 559 Gbps of firewall throughput. And, the company holds the market share lead, according to Frost & Sullivan's Rodriguez. He said the company has done a good job propelling its brand name and recognition.

Fortinet provides the FortiGate security platform designed to scale from small offices to very large enterprises, service providers and carriers. The appliances are updated on a continual basis with threat and vulnerability information from the FortiGuard Labs team. In addition to next generation firewall, VPN, and IPS capabilities, the appliances also provide data loss prevention, antimalware, antispam, application control, Web filtering, wireless controller and vulnerability management along with wireless access on certain models. The appliances support IPv6 and VoIP.

Coming in second place in terms of market share in Frost & Sullivan's report, Check Point Software Technologies appliances range from 2 Gbps to 6 Gbps of IPS throughput, designed to be deployed in environments ranging from remote offices to large enterprises.

Check Point sells the appliances as software blades that it says can be used as building blocks as needs evolve to extend security as the network changes. The company sells blades in three areas: Security Gateway, Security Management, and Endpoint Software. Each blade provides a range of security technology from IPS to DLP, Web filtering and antivirus. New blades can be added by enabling their functionality in software; no additional hardware, firmware or drivers are necessary, according to the company.

Cisco offers a line of UTM products with VPN and firewall capabilities for small businesses. Its UTM security appliances are designed for midsize businesses and include IPS, spam and Web filtering capabilities. Its 5500 series of Adaptive Security Appliances combine firewall protection and IPS with the integration of its ScanSafe service. The networking giant said its appliances provide VPN capabilities, secure mobility and unified communications for secure voice and data.

Dell acquired SonicWall from private equity firm Thoma Bravo for $1.2 billion in 2012. Coming in third in terms of UTM market share according to Frost & Sullivan, SonicWall sells appliances aimed at the midmarket and offers support from 5 Gbps to 40 Gbps of firewall throughput.

Its new TZ Series has an optional integrated WLAN, and its NSA 200 Series adds application control.

SonicWall said its proprietary Reassembly Free Deep Packet Inspection (RFDPI) engine is scalable and supports intrusion prevention, antivirus, antispyware, application intelligence and control. The engine can provide full inspection of SSL-encrypted traffic and non-proxyable applications enabling protection regardless of transport or protocol.

Juniper offers the SRX Series Services Gateways, which include a UTM offering for midsize businesses and remote offices. The SRX series includes an on-premise or cloud-based antivirus option, IPS, antispam, and Web filtering.

In addition, the firewall provides a layer of denial-of-service protection with an appliance that can support up to 150 Gbps in firewall throughput. It supports inspection of encrypted traffic and can provide an attacker target audit trail and reporting capabilities.

Barracuda Networks said it would be launching its UTM called Barracuda Firewall later this month. The company offers a line of content security appliances that protect against email, Web and IM threats, as well as a Web application firewall that secures Web applications and websites. In addition, the company provides a next-generation firewall that most recently was recognized by InfoTech Research Group. The company has separate appliances for data backup and message archiving.

Frost & Sullivan's Rodriguez called Barracuda's offering a strong, decent offering. Barracuda declined to participate in the 2012 Magic Quadrant on UTM because a spokesperson said the company's appliance is a "next-gen firewall and not in fact a UTM."

McAfee said its Firewall Enterprise appliance has next-generation features including application intelligence, encrypted traffic inspection, IPS, antivirus and Web filtering. The company said all of the services are included at no extra charge.

The company sells a separate Enterprise Control Center for "enterprise-class" network firewall policy management. The appliance appeals to organizations standardizing on McAfee with integration with its ePolicy Orchestrator management software. Like Barracuda Networks, McAfee was also not included in the Gartner 2012 Magic Quadrant on UTM.

U.K.-based Sophos acquired Astaro in 2011 and phased out its name this year, calling the product Unified. Sophos UTM ships to the midmarket. The Security Gateway appliance can support from 45 Mbps to 575 Mbps of throughput. In addition to firewall capabilities, it includes Web filtering, endpoint protection and email security. It is available in a hardware or software version and as a virtual appliance. The company also sells a remote Ethernet device called Sophos RED, which extends the UTM capabilities to branch offices.