GWI Blog (Return to Blog)

The Pros and Cons of Unified Threat Management

Posted on by Trevor Jones

Unified Thread Management (“UTM”) has developed into the default solution for many information technology integrators and managed service providers in recent years.  Simply put, UTM is a network security function which integrates a wide variety of security services into a single device or service.  The promise of UTM for most IT managers is that it can simplify your life and reduce costs by rolling the capabilities of several devices into one. Our own Managed Network Security service’s complete plan is an example of such a service.

Fortigate UTM

A Fortigate 110D UTM Appliance Used in our Managed Network Security Service

The alternative to Unified Threat Management is to have multiple separate devices, each designed to perform one or more functions.   For example, you might have dedicated appliances to provide your network firewall, spam filtering, web content filtering, and intrusion detection and prevention.  Each device is connected to your network and provides a portion of the functionality of the UTM appliance.

So, which is right for your business -a solution that includes everything in one box, or specialized appliances for specialized services?  Here are a few of the pros and cons of Unified Threat Management as compared with a traditional multi-box solution to help you make the decision.

Advantages of Unified Threat Management

  • Lower up-front cost – Generally speaking, a single all-in-one appliance costs less than buying multiple dedicated systems.
  • Lower maintenance costs – Since you’re buying just one support agreement for all security services, you can significantly reduce the amount you pay for service contracts and ongoing support.
  • Less space – If you have limited space for networking equipment, Unified Threat Management’s ability to fit all the services into a small, self-contained package can be really appealing.
  • Lower power consumption – One power supply means less power used and less lost while reducing line voltage to the levels network devices use.
  • Easier to install and configure – A one appliance set up means there are just a couple of wires to connect and one interface to use setting the device.
  • Fully integrated – The UTM device’s many features are designed to work together without leaving holes in your protection or creating interoperability challenges.

Disadvantages of Unified Threat Management

  • Less specialization – Like a Swiss Army knife, a UTM device is a single tool designed to fill multiple roles.  It therefore could lack some of the more granular features a dedicated box provides.  Probably the most important example of where a dedicated appliance may be superior is in anti-virus, anti-malware and anti-spam features.
  • Single point-of-failure – The drawback of any single box system is that when it fails, everything fails.  As a result, it’s a great idea for Unified Threat Management users to purchase a managed UTM service that includes a full backup of your configuration and next business day replacement of your hardware. In addition, many UTM devices these days allow you to cluster multiple appliances to eliminate this risk.
  • Possible performance constraints – Because the UTM device’s single CPU is being expected to perform multiple tasks at once, it could become overtaxed when dealing with multiple simultaneous attacks.  In such cases, some devices will shut down selected services to maintain the integrity of the device, limiting your protection.  Usually this can be overcome by purchasing a device with significantly more processing power than you think you need.


Leave a Reply