Getting Started In Unified Threat Management

Tom McArthur, president of Storbase, a Waltham, Mass.-based managed security services provider, generally provides custom security solutions for enterprise-level clients. While UTMs aren't always the best fit in those environments, McArthur has some ideas about how to go about finding the right clients for such products.

SMB sweet spot: People want best-of-breed purpose-built appliances at the bigger companies. They want the very best firewall, not the firewall thrown onto a Unified Threat Management appliance by a company that does something else well, like e-mail security. But when I'm selling e-mail security and Web security to SMBs, they do want more. So the most successful UTMs tend to be targeted at the SMBs. That's the sweet spot. On very anecdotal feedback, when you get to somewhere around 1,000 to 1,500 users, you'd want to go with the purpose-built solutions.

Keep an eye out for new vendors: When I think of leaders in the UTM appliance space, I think of Fortinet. But other vendors have started to get more into wrapping multiple security safeguards into one device. Keep an eye out for who's starting to play that game. There are antivirus companies and firewall companies that have started to sneak into this space as well. Some of the firewall companies are doing some interesting things, like building out more than just their traditional packet-monitoring.

Know the limits of the UTM device: The feedback I get from customers on these boxes is that they're OK. They haven't been overly thrilled. But they do a pretty good job, and they do everything. There are some areas where the UTM appliance can plug some of the holes the single-duty purpose-built security products leave open, particularly in the SMB space, where the client probably isn't going to want to purchase another costly appliance to handle that. The smaller UTM devices are like, give me a little bit of everything, make it affordable and make it easy for a small shop to manage. But keep in mind that there are two areas—e-mail security and Web security—where even the small customers aren't relying on UTMs, because nobody does that really well on an all-in-one device.