Unified Threat Management is a deep defence solution encompassing network intrusion prevention, VPN, web/content filtering, antivirus, antispam, and data loss prevention as opposed to traditional firewalls providing only perimeter security. Due to UTM’s integrative nature, organizations can gain centralized control and monitoring of different security layers from the perimeters of the organization to internal traffic generated from servers and users. UTMs are suitable for any business aiming to reduce administrative overhead, security control costs, and the latencies introduced by adding more security devices in an IT infrastructure.
Anti-virus/-malware/-spam: Scans for malicious programs, malware, spam for quarantine or removal.
Next-gen Firewall (NGFW): NGFW is the core of any UTM solution which scans network traffic and behaviour on the protocol, ports, and application layers. NGFWs are application-aware. Organizations may allow legitimate port 80 traffic such as youtube.com for training as opposed to movie streaming sites.
Intrusion prevention: Analyses incoming network packets for attack signatures and perform an action based on a defined policy. For example, unsafe packets may be dropped to protect the internal network.
Virtual private networking: Allow employees outside of organization’s network to access internal resources via secure remote access over public networks.
Content filtering: Prevents access to inappropriate Web content by querying a cloud-based database. Administrators may also blacklist URLs/domains that are not allowed by company’s policy.
Other advanced features include application control, bandwidth management, data loss prevention, identity-based access control, and load balancing.