Buyer’s guide to UTM appliances
Dave Mitchell compares four unified threat management appliances and reveals how to keep your business safe against the latest dangers
In our 2020 roundup of unified threat management (UTM) appliances (see issue 306, p94), we recommended that SMBs should cultivate a healthy sense of paranoia. That was just before the Covid-19 pandemic hit the UK in earnest – and the rest of the year proved to be a boom time for hackers. British ISP Beaming, which specialises in secure connections, reported that the average UK business was targeted by nearly 700,000 attacks in 2020, a 20% increase over the previous year. Even as social restrictions start to ease, there’s no reason to think these attacks will decrease any time in the near future – and SMBs are at risk just as much as larger organisations.
Thankfully, enterprise-grade security is available to everyone.
There are plenty of UTM appliances available at very reasonable prices, offering a remarkable range of protection services, including web, email and application security, intrusion-prevention services and good old malware protection.
This month, we review four SMB-friendly UTM appliances from well-established names in this market: DrayTek, Fortinet, Sophos and Zyxel. We’ve chosen products that cover a range of budgets and put them through their paces in the lab to help you choose the right one for your business.
Small businesses often have limited on-site IT expertise – and that makes a UTM appliance ideal as it integrates a stack of security services into one device. All internet traffic passes through one point on the network perimeter, making it simple to apply security policies to every individual and device located behind it.
A UTM will also feature a built-in firewall to take care of incoming connections. If you’re currently using a basic consumer-type firewall, you’ll be amazed at the versatility of a “next-generation firewall” (NGFW), which includes advanced functions such as granular application control, intrusion prevention and VPN support for secure site-to-site and remote user connections.
If you’re unsure about which protection services you need, consider choosing a platform that offers a range of subscription-based licences. That way, you can always upgrade to more features if needed, and make savings by purchasing longer-term subscriptions – or pare down your security provision if you’re paying for more than you need.
Secret service
While the various appliances and services on offer come with differing capabilities, there are a number of protection features that should be considered essential. Antivirus scanning is top of the list: you may already be running client-based security software, but a good UTM will check traffic and web content at the gateway and block anything malicious so it never even gets onto your network.
Some appliances go further by offering a cloud sandbox function. This helps shut out even unique zero-day threats by isolating any unrecognised files, sending them to the sandbox service and running them in a remote virtual environment to check that they’re safe. If an executable exhibits suspicious or dangerous behaviour, it’s not allowed through onto your network.
Web filtering is another valuable feature, giving workers blanket protection against compromised sites and phishing attacks. With category filters you can additionally block content that’s not appropriate for the workplace – and, if you wish, you can restrict access to social media platforms and other productivity-sapping sites too.
For finer-toothed management of what your employees are doing online, consider application controls. These use signatures to identify the traffic from specific apps and online services, and provide facilities for managing access to hundreds of common applications. You can set policies that block non-business or high-risk apps, limit users to a subset of app features or, in some cases, require users to authenticate before they can use specific apps.
On my radio
As well as keeping an eye on network activity, a UTM appliance can form a part of your network infrastructure, with many models doubling up as a dual-band 802.11ac Wi-Fi access point (AP). This provides a straightforward way of ensuring the same security policies are applied to both wired and wireless clients.
If you’re tempted to take advantage of this capability, check for the ability to create guest Wi-Fi networks, isolate them from the main network and apply separate policies. For an extra touch of professionalism, some UTMs let you create a custom portal for your guest network, with support for a range of authentication services.
Even a UTM appliance that lacks integrated Wi-Fi may be usable as a wireless gateway controller; all four of the models on test this month will integrate with standalone APs from the same vendor to instantly provision secure wireless networks.
Remote control
Distributed teams are here to stay and you may need more than one UTM to protect multiple sites. If you want to manage several appliances at once, look for cloud management support; most vendors provide free portals that you can use to monitor and configure your hardware from anywhere over the internet.
Sophos also offers an alternative way to protect multiple locations with its Ethernet-based SD-RED device, which creates a secure VPN tunnel to the main appliance and extends its protection to a remote network, with the same policies as local users.
For remote workers, it probably isn’t realistic to put dedicated security hardware into each employee’s home, but certain UTM appliances can integrate with the corresponding endpoint protection software. This allows you to use the appliance’s cloud management portal to monitor the protection status of remote workers, and to be alerted if a threat has been detected.
Amid the chaos of the pandemic, it’s understandable if SMBs haven’t been fully able to focus on security – yet they’ve never been at greater risk of a data breach. Compared to the cost of recovering from an attack, all the UTM appliances on review this month represent a comparatively small outlay and offer an incredible range of sophisticated security features for the price. Read on to find out how to keep your business safe in a post-pandemic world.