UTM appliances gain favour as information security budgets tighten

Many enterprises from France, Germany and the U.K. are looking at unified threat management to consolidate network security and cut costs.

Economic pressures are forcing many companies to review their network security and consolidate technologies where possible.

According to independent research commissioned by network security provider Fortinet Inc., midrange and large corporations in France and Germany are taking the opportunity to integrate their security over the next year, while their British counterparts tend to be less willing to rush into making changes.

On average, 90% of respondents said they will undertake a network security consolidation project in the next year, and two-thirds said their main driver was to reduce operating costs and simplify network management. But while 99% of French and 96.5% of German companies said they would consolidate their security, the figure for the U.K. was 73.5%. The research covered 600 enterprises, 200 from each of the three countries.

"The state of the global economy has put people's minds into much sharper focus. They have far fewer operational staff than they used to, but they still have the same operational requirements," said Paul Judd, U.K. country manager for Fortinet.

Those factors, he said, are persuading companies to switch from using separate products to manage different security functions, such as firewall, antivirus gateway and antispam, to adopting unified threat management (UTM) appliances that can manage multiple functions within the same box.

UTM was initially used in environments where there was no specialist security staff, such as in small businesses or branches of large organisations. But according to Romaine Foucherou, an analyst with research company IDC Inc., UTM appliances are increasingly being deployed in larger organisations.

"Two or three years ago, there was still a mentality that one server equals one function and that everything should be standalone. But that has really changed, influenced by monetary pressures," he said. "Companies are also thinking long-term. If they deploy UTM, it enables them to switch on new features when they need them –such as intrusion prevention. UTM is completely enterprise-ready, and IT managers are working on tighter budgets and need to do more for less."

He said he was surprised to see a lower take-up of UTM appliances by U.K. companies, and suggested that in France and Germany the faster adoption could have been helped by the presence of some strong local players.

Ask the Expert: Hold off on UTM?

A SearchSecurity.co.uk reader asks our resident expert Peter Wood, "Are there any disadvantages to adopting UTM?"

But Fortinet's Judd said that U.K. companies tend to be more reticent about adopting technology early, and contrasted them with their peers in Scandinavia who tend to be early adopters.

He said that functional specialisation in some bigger businesses can also act as a barrier to change. "It is true that the structure of companies can prevent them from adopting UTM -- the firewall is owned by the network people, the AV gateway is owned by the applications people, and content filtering by the security team. We have seen that in the past, and it is still there to a certain extent."

But with information security budgets reduced and threats still on the increase, he said most organisations were willing to look at UTM. "We used to have to do a lot of evangelising before, but now people understand it when they come to us," he said.

"UTM reduces operational costs and gives you the opportunity to increase operational efficiency. You only need to go on one training course to learn our management platform and interface, and you now understand our content filtering, our antivirus, antispam and intrusion prevention technology."

He said that in practice, companies are adopting UTM in stages, switching on new functions when existing security products need replacing.

"Some people may just start using the firewall; then as other products reach their end of life, the function can be switched on in the UTM," he said. "Technologies come up for renewal on the three to five year basis. You can make those devices redundant, save the money sending people on training courses for it, reduce the ongoing operation costs, and you reduce the complexity of your network, therefore making it a bit faster and more secure."

Read more on Hackers and cybercrime prevention