Balancing Security and Performance with Unified Threat Management, Part 2

Balancing Security and Performance with Unified Threat Management, Part 2

In the previous post, we discussed why adoption of unified threat management (UTM) solutions is accelerating, particularly among small and midsize companies that need a holistic, easy-to-manage security solution. By combining multiple security features in a single appliance, UTM enables a defense-in-depth strategy without the need to deploy and manage multiple appliances.

UTM solutions perform deep packet inspection, encryption, decryption and behavioral analysis to detect and block security threats. All of that heavy lifting requires significant processing power. If the UTM device isn’t up to the task, organizations may find it necessary to turn off security features to prevent network performance bottlenecks.

Through careful planning and evaluation of UTM solutions, however, you can minimize performance issues and future-proof your security strategy. First, don’t get hung up on firewall performance, which is often touted by vendors but says little about the quality of the product. Focus on UTM performance. Look for comprehensive network performance data for UTM when used as a stateful firewall, an IPS-enabled firewall and a fully enabled UTM. Ask to see additional metrics, such as network performance with a virtual private network. Also, analyze third-party testing to compare UTM capabilities with dedicated security products. UTM isn’t designed to perform a single security function, so it should be tested and compared when operating with all functionality activated.

A piecemeal approach to security is never recommended, and it’s one of the main reasons why so many security infrastructures are complex and ineffective. However, a flexible UTM solution with a modular design makes it possible to quickly deploy urgently needed security tools and gradually add functionality as necessary. A superior UTM should allow you to do this without compromising network performance. For example, an organization with dedicated security products may wait to activate redundant UTM functions until the licenses for their existing products expire. Ultimately, all security technologies will be consolidated in one UTM appliance with one management interface.

The WatchGuard Approach

WatchGuard takes a holistic approach to UTM protection that emphasizes the optimization of total system performance instead of a single security tool. Multiple UTM appliances can be clustered to share the processing load and maximize performance and availability. By decrypting secure packets before they pass through various security scanning tools, you eliminate redundant SSL decryption in multiple security appliances. Because security products are always being developed, WatchGuard advocates a modular design that allows companies to continually add new tools without adding complexity.

WatchGuard recently introduced the Firebox T70 network security appliance, which offers the fastest throughput in the industry, according to independent testing by Miercom. When operating in full-UTM mode, Firebox T70 delivers speeds of more than 1Gbps, which is 38 percent faster than the closest competitor and 52 percent faster than the average competitor. With Firebox T70 from WatchGuard, organizations no longer have to choose between security and performance.

Just because data breaches at smaller organizations don’t make the news, it doesn’t mean that those organizations aren’t under attack. UTM provides a simple way for small and midsize companies to implement a defense-in-depth strategy, and the new WatchGuard Firebox T70 delivers robust security that doesn’t drain network performance.


Just released our free eBook, 20 Signs That Your Business is Ready for Managed ServicesDownload
+