Part 1: Understanding difference between Unified Threat Management (UTM) and Next Generation Firewall (NGFW)

Let us first understand definitions generally adopted by industry to differentiate both the terminologies – as per Gartner, Unified threat management (UTM) is a converged platform of point security products, particularly suited to small and midsize businesses (SMBs). Typical feature sets fall into three main subsets - firewall/intrusion prevention system (IPS)/virtual private network, secure Web gateway security (URL filtering, Web antivirus [AV]) and messaging security (anti-spam, mail AV). Whereas, Next-generation firewalls (NGFWs) are deep-packet inspection firewalls that move beyond port/protocol inspection and blocking to add application-level inspection, intrusion prevention, and bringing intelligence from outside the firewall. Well both of these terms say that at the end of the day it is a firewall with overlapping features, so what is suitable to my network for implementation and how to go about it? It is confusing though.

Best way to understand difference is to go back into history and understand the scope of both the products. Not so long, a need arose wherein SMB’s were looking for solution that is just not only limited to firewall functionality but also has intrusion prevention/detection system (IPS/IDS), web anti-virus, anti-spam, content filtering and bandwidth management in a single suite which is easy to manage and maintain. Lately vendor’s added features like secure VPN, multiple Internet link management (combine internet connections), load balancing and web application firewall etc. to UTM. Well this was what SMB’s were asking for, that said, NGFW emerged in response to large Enterprise requirement, as they wanted to combine traditional port and protocol filtering along with IDS/IPS functionality along with deep data packet inspection. Experts say it is often difficult to call out difference between UTM and NGFW as lines appear to be blurring between the products.

Is it about SMB’s Vs. Enterprise business?

Going by the historical reports, we can say that it was type of business that led to product development. Is it so? Both Yes and No, if we listen to industry experts, small and medium businesses with remote locations (having warehouses/ depots etc.) were attracted to UTM whereas large enterprises preferred NGFW because of it’s throughput and network performance abilities. Experts from Gartner confirmed that large enterprises have had big IT budgets to buy latest technology and invest in staff trainings to support advanced features offered by NGFW. Whereas SMB business preferred UTM due to it’s single solution approach (all-in-one) and required support from resellers/ channels/ system integrator to manage the product in the long run.

In addition to above, analysts say that product ease of use and technical support matters a lot whereas underlying technology of UTM and NGFW and product specifications sheets are similar (not exactly the same). The key differences are now around quality of product and its features, level of technical support from the vendor or its resellers/ channels/ system integrator.

So what is the future?

Industry experts say that NGFW and Firewall will be used interchangeably whereas UTM will be very important for SMBs because they prefer in simplicity of deployment of the solution over depth of deployment. NGFW and UTM will continue to exist because of performance and management concerns.

Vendors will continue to add features and functionality to reduce total cost of ownership of the firewall. That said vendors would bring in more separate or purpose built solutions to devise new verticals and generate product interest in SMB and Enterprise markets.

UTM and NGFW are essentially the same products and differences are more of marketing created. UTMs are capable of doing everything that NGFW can do provided they are configured properly and have correct policy implementation. Rather than selecting a UTM or NGFW, goal should be to focus on the best product that can solve your problem.

Well, if we have to summarize here, it is not about UTM Vs. NGFW or small business or large enterprise technology requirements, but it’s all about business use case that eventually matters in the product selection process.

Posted on March 10, 2015 at 5:26 pm

No comments

Categories: Unified Threat Management

The comments are closed.