UTM (Unified Threat Management)

Unified threat management (UTM) is an approach to information security in which a single hardware or software installation provides multiple security functions, in contrast to the traditional method of deploying a separate point solution for each security function. UTM simplifies information-security management by giving the security administrator a single management and reporting point instead of multiple products from different vendors.

UTM appliances have been gaining popularity since 2009, partly because the all-in-one approach simplifies installation, configuration and maintenance. Compared with managing multiple security systems, such a setup saves time, money and staff. Instead of running several single-function appliances, each requiring its own familiarity, attention and support, network administrators can centrally administer their security defenses from one computer. Prominent UTM brands include Sophos and WiJungle, among others.

Features

At a minimum, a UTM should provide converged security features such as:

  • Network firewall
  • Intrusion detection
  • Intrusion prevention

Other features commonly found in UTMs include:

  • Gateway anti-virus
  • Application layer (Layer 7) firewall and control
  • Deep packet inspection
  • Web proxy and content filtering
  • Data loss prevention (DLP)
  • Security information and event management (SIEM)
  • Virtual private network (VPN)
  • Network tarpit