By Wana Tun
As cyber threats evolve and become more sophisticated, it is essential that companies select strong protection to safeguard their networks.
With the growing popularity of Unified Threat Management (UTM) and the wide selection available on the market, organizations, especially small and medium businesses (SMBs), are bound to face difficulties discerning which device is the best.
Many SMBs are still not aware of the different network security threats, lack dedicated IT professionals and security experts within the company, and often assume simple antivirus or firewall tools can protect them.
However, most SMBs have the same infrastructure and security needs as the larger organizations and would hence require a more comprehensive tool for defense.
A UTM device is a set of security software integrated on a single device. Most organizations can choose the security elements they prefer and manage it with a central console. With its simple configuration, deployment and range of security tools in a setup, SMBs can benefit not only from saving time and money, but also a stronger security posture.
When a company reviews UTMs, there are two things to consider: the overall benefits offered by the UTM approach, and how the individual network security features meets its unique needs. Here is a checklist for SMBs and what features to look out for in order to properly evaluate UTMs:
Network security
Attackers change and adapt their breach methods to avoid being detected so it is critical to ensure a UTM device first and foremost provides basic network protection. Most large businesses have resources to identify, defend or dedicated staff against threats. SMBs cannot afford to do the same so in order to maximize their budgets, they should look for a product that offers layered security features.
Features: Intrusion prevention system (IPS), advanced threat protection (ATP), site-to-site VPN options, remote access options and office support, detailed reports and statistics on network bandwidth usage and security.
Web security
The Internet is a cheap and useful way for SMBs to promote their businesses but most are unaware of threats such as malicious URLs. Some use basic Web filters but these merely inspect traffic on the sidelines. With Web protection, a UTM can stop malware and viruses from entering and provide detailed reporting on how effective security measures are.
Features: URL filtering, spyware protection, antivirus scanning, HTTPS scanning, application control, interactive Web reporting
Web server protection
SMBs leverage the Web for e-commerce and it is crucial to secure transactions. Web application weaknesses are exposed when they are connected to an internet server. Securing Web servers prevent hackers from using SQL injection and cross-site scripting attacks from stealing sensitive data such as credit card information. It should also ensure the company achieves regulatory compliance when a Web application firewall, which scans activity and identifies attempts to exploit Web applications are needed.
Features: Form hardening, antivirus scanning, URL hardening, cookie protection, two-factor authentication
Next-generation firewall (NGFW)
Traditional firewalls allow traffic through HTTP and HTTPS ports, but the NGFW is an evolved version. It has application signatures to identify traffic on a larger level, conducts deep packet inspection, identifies and blocks exploits, malware and other threats. With budget constraints, a NGFW enables SMBs to be more strategic by helping them prioritize their network usage.
Features: Application visibility and control, optimizing the use of internet connection, clear and understandable IPS, seamless VPN for remote connection
Wireless security
A 2012 Sophos survey found that while most SMBs have deployed Wi-Fi, 79 percent of respondents had doubts that its wireless networks were secure as they do not have the expertise to ensure safe wireless usage. A UTM device should reduce or eliminate the issue of enforcing consistent security policies within an organization and enable companies to centrally manage the wireless network.
Features: Plug-and-play deployment, central management, integrated security, WPA/WPA 2 encryption, guest internet access, detailed reporting on connected wireless clients and network usage
Endpoint protection
A corporate network evolves whenever a laptop or mobile device connects to it. As SMBs start to ride on the Bring-Your-Own-Device (BYOD) trend, endpoint protection is necessary to check connecting devices for current updates and security policies.
A good UTM should protect company-owned devices on and off the network. This can help SMBs reduce management efforts and save money through integrating endpoints directly with UTM appliances.
Features: Ease of deployment, antivirus scanning, device control, real-time reporting
Email protection
Emails are the main vector of malware, scams and spam, and cybercriminals increasingly leverage them as an entry point into the networks of unsuspecting SMBs. Email protection becomes more important than ever as these threats evolve so they do not affect the businesses of SMBs.
Features: Anti-spam, antivirus scanning, email encryption, user portal
The author is the regional technical evangelist at Sophos
