How to protect your business
As cybercriminals line up to attack, Dave Mitchell puts four unified threat management appliances to the test
Dave Mitchell tests four UTM appliances to keep pesky cybercriminals at bay.
Small businesses would be well advised to cultivate a sense of paranoia in 2020. It’s easy to assume that you’re too small to be of interest to cybercriminals, but that’s a dangerous fallacy – it leads SMBs to under-invest in network security, making them a prime target for opportunist attackers.
The numbers tell the story. The government’s 2019 Cyber Security Breaches Survey found that 31% of responding SMBs had suffered a data-security breach. Ensuing data losses cost SMBs an annual average of £3,650 – and yet 29% of the businesses took no action to prevent such an attack recurring.
The good news is that it’s a lot cheaper to protect your data than it is to deal with a compromise. Unified threat management (UTM) security appliances offer the perfect solution, providing a complete spread of security measures at very affordable prices. This month, we review SMB UTM appliances from four well-established brands, namely DrayTek, Sophos, WatchGuard and Zyxel. We’ve chosen products that cover a range of budgets and tested them thoroughly in our lab to help you choose the right one to keep your business safe.
Self defence
Most small businesses have limited on-site IT expertise, and for them a UTM is the perfect choice. After all, a single unit that handles all your security services is much easier to manage than solutions that bring together components from multiple different vendors. The appliance even keeps track of elements that need to be kept current, like malware signatures and IPS (intrusion prevention system) profiles, and can automatically download updates at regular intervals or on demand.
All of the appliances on review offer a user-friendly interface for centralised monitoring and swift access to features. Many SMB UTMs are also starting to support cloud management, but this is a relatively new development and features vary considerably: some appliances only support monitoring, whereas others can be fully managed over the internet. One product on review this month is even designed to be purely cloud-managed.
Ready to start
Today’s UTM appliances give you great flexibility, but there are a lot of subscription schemes and models to choose from, and it pays to research your options. Most vendors offer a range of licensing tiers, allowing you to buy a specific set of services over either one or three years.
All UTM appliances include a business-class SPI firewall as standard, along with support for IPsec and SSL VPNs; some also offer built-in Wi-Fi services, enabling you to easily secure wireless traffic. Antivirus scanning intercepts and analyses all web, FTP and email traffic and blocks any dangerous items at the gateway so they never get into your network.
IPS works in a similar way, checking all data packets against vendor-provided signatures to detect and block vulnerability exploits such as denial-of-service attacks. You may see some products offering an IDS (intrusion detection system) service but be aware of the difference: this only alerts you to a potential attack without blocking it.
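The difference between the two modes, as an added example that is not part of the original article or any vendor's engine: the same constructed signatures are run over constructed HTTP requests, first in detect-only (IDS) mode and then in blocking (IPS) mode. The signature names and patterns, the `intranet.example` host and the `inspect` and `run` functions are all assumptions made for illustration.

```python
import re

# Constructed signatures for illustration only; a real UTM downloads its
# signature set from the vendor.
SIGNATURES = [
    ("path-traversal", re.compile(rb"\.\./")),
    ("sql-union-select", re.compile(rb"(?i)union[\s+]+select")),
]

# Constructed HTTP requests arriving at the gateway (not captured traffic).
REQUESTS = [
    b"GET /index.html HTTP/1.1\r\nHost: intranet.example\r\n\r\n",
    b"GET /files/../../etc/passwd HTTP/1.1\r\nHost: intranet.example\r\n\r\n",
    b"GET /search?q=1+UNION+SELECT+1 HTTP/1.1\r\nHost: intranet.example\r\n\r\n",
]


def inspect(payload, mode):
    """Return (forwarded, alerts) for one payload.

    mode "ids": match and alert, but always forward.
    mode "ips": match, alert, and drop anything that matched.
    """
    if mode not in ("ids", "ips"):
        raise ValueError("mode must be 'ids' or 'ips'")
    alerts = [name for name, pattern in SIGNATURES if pattern.search(payload)]
    forwarded = not (alerts and mode == "ips")
    return forwarded, alerts


def run(requests, mode):
    """Return (requests that reached the LAN, alert log) for a whole batch."""
    delivered, log = [], []
    for number, payload in enumerate(requests, start=1):
        forwarded, alerts = inspect(payload, mode)
        log.extend((number, name) for name in alerts)
        if forwarded:
            delivered.append(payload)
    return delivered, log


if __name__ == "__main__":
    for mode in ("ids", "ips"):
        delivered, log = run(REQUESTS, mode)
        print(mode, "delivered:", len(delivered), "alerts:", log)
```

Both modes produce the same alert log; only in IPS mode do the two flagged requests fail to reach the network.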
Web filtering is another important feature to look out for, allowing you to decide which types of websites users are allowed to visit. All four of this month’s appliances offer category-based filtering so you can easily prevent staff from playing games, shopping online or wasting time on social networks.
Consider anti-spam services too, if they’re offered. Your antivirus component can strip out infected attachments, but it can’t do anything about social engineering attacks, and may struggle to identify sophisticated phishing attempts. Adding anti-spam measures to your UTM appliance allows it to weed out the majority of suspect messages – but we also recommend you train your staff on how to recognise and handle potentially dangerous emails.
A final component to consider is application controls, which can include granular options for managing thousands of common applications. Using these you could, for example, allow users to access the company Facebook account but not permit them to play games.
Appliance of science
A UTM appliance is a long-term investment, so you don’t want to choose one that’ll be running at full capacity on day one – otherwise your network will start to crawl along as your user base expands and gateway traffic increases.
All vendors advertise performance figures for their UTMs with various security services enabled, but don’t be swayed by high firewall throughput rates: these are invariably tested using lightweight UDP packets, which isn’t a good representation of real-world usage. Look to other services as your baseline, such as antivirus scanning and IPS, when sizing up an appliance for current and future demand.
Look into what sort of upgrade path the prospective vendor offers too. If your demands do grow beyond the capabilities of your UTM, you may end up with users clamouring for you to turn off vital security services, in order to restore the network to an acceptable speed. You’ll be glad if you have the option of trading in your UTM for a higher-performing model at a reduced cost.
Safe not sorry
Security isn’t something you can afford to skimp on. A data breach could leave you facing not only damage to your brand, but punitive fines for failing to protect confidential information. And don’t think that parting ways with the EU gets you off the hook: GDPR rules will still apply in the UK. SMBs may get some leniency due to their limited resources, but failing to observe GDPR codes of practice could cost you 2% of your annual turnover or €10 million, whichever is higher – and breaches involving personal data could see this rise to 4% of turnover or €20 million.
Next to those sums, the cost of a security appliance clearly pales into insignificance – so read on to find which UTM is right for your business.