Part 2: Understanding difference between Unified Threat Management (UTM) and Next Generation Firewall (NGFW)
In our last blog we tried to understand difference between UTM and NGFW and learnt that it is the business use case which is important and deciding factor for the purchase of the solution. In this article let us take a deep dive and explore more about these products.
Total Cost of Ownership (TCO)
According to recent survey conducted by large IT analyst firm, the top business and technology objective of Enterprises is to decrease cost of operations (IT or non-IT) through consolidation and simplification. That is why we are seeing a major trend towards integrating security technologies such as UTM’s and NGFW’s. For NGFW, the TCO accounts for the upfront cost of purchase and deployment, and the cost of operation. The TCO of a NGFW is not just the purchase price, but also the expenses incurred through its use and ongoing maintenance, support and operation. While a NGFW appears to be a great bargain for Enterprise but might actually have TCO that is higher than that of UTM. Whereas small and medium business (SMB) prefer UTM due to it’s single solution approach (all-in-one) and require support from resellers/ channels/ system integrator to manage the product in the long run. Irrespective of UTM or NGFW being rich in features, flexible and easy-to-use, it takes away favorable results at expense of a considerable amount of time spent by network engineers in trainings or learning to tweak the product even though you have procured it at reasonable price.
Does it align with IT strategy?
Organizations may soon discover that they do not require all the security features of UTMs or NGFWs. Features that are required by an organization should be determined well ahead of the purchase, as this will influence what product is bought and which all additional services are enabled. Typically additional services may include but not limited to – SSL, VPN, integration with Active Directory, Quality of Service (QoS) and more. Some UTMs or NGFWs generally have all these features already built into the product at no additional cost. That said, Organizations often don't activate or use all of them, because they do not fit the organization's IT strategy.
There is always a trade-off between IT and Purchase teams perspective when justification of investment is questioned. Industry experts say that organization at a minimum needs Firewall, Web Filter, Bandwidth Manager, IPS, Anti-virus, Anti-spam and Reporting. UTMs and NGFWs have all these features and more, but by contrast if an organization chooses point protection solutions (singular devices/ solutions) for each type of security need, then the individual cost of maintaining and supporting these products would add up and be challenged against cost of maintaining unified solutions in the long term. In addition to this, organization needs review its network architecture to determine whether point protection solutions or UTM’s are the best suited. In comparison to point protection solutions, UTMs provide a single vendor, comprehensive architecture and web based management interface for more flexibility in providing differing levels of protection, common reporting and, typically, a cost reduction by negating the need to purchase separate solutions and services.
By now we have understood that selection process of a UTM or NGFW is not straight forward, and lines appear to be blurring between the products. But we have to keep in mind few important traits – 1) focus on your problem 2) identify required set of features & services 3) availability of the vendor to support you in long term 4) quantify total cost of ownership of the solution 5) alignment with IT strategy 6) justification for the investment. That said it is imminent now that it’s all about business use case that eventually matters in the product selection process.