Threat-management centres will play an increasing role in helping UTM administrators defend the network from data breaches that could affect the share price and employees' jobs and increase the risk of long-term damage to a company's reputation.
CIOs and administrators are looking for a flexible approach to network security management where they can pick and choose which modules (eg anti-virus) they need activated - and where (eg the network gateway). As the move to distributed enterprise solutions continues, there will be a trend to consider network virtualisation and to manage all the endpoints that are directly connected to the internet. This is already happening, and enterprise and mid-sized businesses will be able to adopt information security policies that reflect the virtual wide network with greater ease, more cost-effectively and in a proactive way.
Enterprise and mid-sized businesses increasingly require sizeable disk space to support anti-spam, virus quarantining and linking to the corporate directory, so demand for disk space is likely to increase in the rest of 2009 and beyond.
There is also a move to more user personalisation (think Facebook and what you can find out about your employees), where you don't just look up an IP address and run a port inspection; instead, you build a user profile picture based on the employee and a specific department.
This will allow organisations to manage network security (ie through web content filtering and deep packet inspection) more effectively and provide reports on working patterns in an effort to reduce overheads.
As mentioned above, the next upgrade step for UTM customers is known as XTM - extensible threat management. XTM is just that - an extension of the UTM model, with greater security features, networking capabilities and management flexibility.
WatchGuard is one of the leading vendors in going beyond UTM offerings by providing an XTM solution. It takes an intelligent layered approach to security that provides a multitude of security technologies and application proxy technology to defend against malware, viruses and hackers.
Enterprises will be looking towards XTM for: greater WAN optimisation; better management software; simple one-touch control; greater administration; more security configuration options; the ability to upgrade/work alongside existing appliances and to upgrade subscriptions and security services without having to install new devices; and being able to operate in a network topology environment.
So having considered UTM and XTM, what about the future? Some industry security experts speculate that Check Point's software blade architecture (SBA), launched at the end of February, could signal a new trend in the "security in the one box" sector.
Check Point hopes that SBA will alter network security forever. It says that the main advantage of software blades is that they are independent and modular, which allows administrators to select the exact security software blades they need for each part of the business.
This means a company can create any configuration it requires, allowing it greater flexibility to tackle new threats and business risks.
According to IDC, SBA is expected to be the next-generation technology architecture, driven in part by the current economic climate and its demand for cost-effective solutions.
Security analysts and CIOs will certainly be watching and analysing SBA technology and the development of XTM with interest over the coming months.
Why adopt a UTM strategy?
# To upgrade from an endpoint infrastructure
# To reduce increased security leakage from consumer technologies, such as iPhones - and Web 2.0 applications, such as social networks and mash-ups
# Because vendor business models have moved from a capital-focused to a service-focused model - which is bringing down the cost of purchasing a UTM device
# Budgets are tighter than in recent years - so purchasing a "security in the one box" solution can save money, increase security reputation and deliver future scalability
# Cybercrime isn't taking a break. Some experts believe that the cybercrime threat will increase as the global downturn continues
# The UTM gives higher performance, more capability and better appliance/application control
# It means easier configuration and management for administrators
# Training, certification, tech support and maintenance/licensing costs are lower