What Is Unified Threat Management (UTM)? - Fortinet

Unified threat management (UTM) refers to when multiple security features or services are combined into a single device within your network. Skiptocontent Skiptonavigation Skiptofooter WhatIsUnifiedThreatManagement(UTM)? ContactUs UnifiedThreatManagerDefinition Unifiedthreatmanagement(UTM)referstowhenmultiplesecurityfeaturesorservicesarecombinedintoasingledevicewithinyournetwork.UsingUTM,yournetwork’susersareprotectedwithseveraldifferentfeatures,includingantivirus,contentfiltering,emailandwebfiltering,anti-spam,andmore. UTMenablesanorganizationtoconsolidatetheirITsecurityservicesintoonedevice,potentiallysimplifyingtheprotectionofthenetwork.Asaresult,yourbusinesscanmonitorallthreatsandsecurity-relatedactivitythroughasinglepaneofglass.Inthisway,youattaincomplete,simplifiedvisibilityintoallelementsofyoursecurityorwirelessarchitecture. DesiredFeaturesofaUnifiedThreatManager TherearecertainfeaturesthatanidealUTMsolutionmustpossess. Antivirus AUTMcomeswithantivirussoftwarethatcanmonitoryournetwork,thendetectandstop virusesfromdamagingyoursystemoritsconnecteddevices.Thisisdonebyleveragingtheinformationinsignaturedatabases,whicharestorehousescontainingtheprofilesofviruses,tocheckifanyareactivewithinyoursystemoraretryingtogainaccess.  SomeofthethreatstheantivirussoftwarewithinaUTMcanstopincludeinfectedfiles,Trojans,worms,spyware,andothermalware. Anti-malware Unifiedthreatmanagementprotectsyournetworkagainstmalwarebydetectingitandthenresponding.AUTMcanbepreconfiguredtodetectknownmalware,filteringitoutofyourdatastreamsandblockingitfrompenetratingyoursystem.UTMcanalsobeconfiguredtodetectnovelmalwarethreatsusingheuristicanalysis,whichinvolvesrulesthatanalyzethebehaviorandcharacteristicsoffiles.Forexample,ifaprogramisdesignedtopreventtheproperfunctionofacomputer’scamera,aheuristicapproachcanflagthatprogramasmalware. UTMcanalsousesandboxingasananti-malwaremeasure.Withsandboxing,acellinsidethecomputerisconfinedtoasandboxthatcapturesthesuspiciousfile.Eventhoughthemalwareisallowedtorun,thesandboxpreventsitfrominteractingwithotherprogramsinthecomputer. Firewall A firewallhastheabilitytoscanincomingandoutgoingtrafficforviruses,malware,phishingattacks,spam,attemptstointrudeonthenetwork,andothercybersecuritythreats.BecauseUTMfirewallsexamineboththedatacominginandoutofyournetwork,theycanalsopreventdeviceswithinyournetworkfrombeingusedtospreadmalwaretoothernetworksthatconnecttoit. IntrusionPrevention AUTMsystemcanprovideanorganizationwith intrusionpreventioncapability,whichdetectsthenpreventsattacks.Thisfunctionalityisoftenreferredtoasanintrusiondetectionsystem(IDS)orintrusionpreventionsystem(IPS).Toidentifythreats,anIPSanalyzespacketsofdata,lookingforpatternsknowntoexistinthreats.Whenoneofthesepatternsisrecognized,theIPSstopstheattack.  Insomecases,anIDSwillmerelydetectthedangerousdatapacket,andanITteamcanthenchoosehowtheywanttoaddressthethreat.Thestepstakentostoptheattackcanbeautomatedorperformedmanually.TheUTMwillalsologthemaliciousevent.Theselogscanthenbeanalyzedandusedtopreventotherattacksinthefuture. VirtualPrivateNetworking(VPN) Thevirtualprivatenetwork(VPN)featuresthatcomewithaUTMappliancefunctionsimilarlytoregularVPNinfrastructure.AVPNcreatesaprivatenetworkthattunnelsthroughapublicnetwork,givinguserstheabilitytosendandreceivedatathroughthepublicnetworkwithoutothersseeingtheirdata.Alltransmissionsareencrypted,soevenifsomeoneweretointerceptthedata,itwouldbeuselesstothem. WebFiltering AUTM’swebfilteringfeaturecanpreventusersfromseeingspecificwebsitesorUniformResourceLocators(URLs).Thisisdonebystoppingusers’browsersfromloadingthepagesfromthosesitesontotheirdevice.Youcanconfigurewebfilterstotargetcertainsitesaccordingtowhatyourorganizationaimstoaccomplish.  Forexample,ifyouwanttopreventemployeesfrombeingdistractedbycertainsocialmediasites,youcanstopthosesitesfromloadingontheirdeviceswhiletheyareconnectedtoyournetwork. DataLossPrevention ThedatalosspreventionyougetwithaUTMapplianceenablesyoutodetectdatabreachesandexfiltrationattemptsandthenpreventthem.Todothis,thedatalosspreventionsystemmonitorssensitivedata,andwhenitidentifiesanattemptbyamaliciousactortostealit,blockstheattempt,therebyprotectingthedata. BenefitsofUsingaUnifiedThreatManagementSolution FlexibilityandAdaptability WithaUTMnetwork,youcanuseasetofflexiblesolutionstohandlethecomplicatedassortmentofnetworkingsetupsavailableinmodernbusinessinfrastructure.Youcancherry-pickwhatyouneedfromaselectionofsecuritymanagementtools,choosingwhatisbestforyourspecificnetwork.Youcanalsoopttoobtainonelicensingmodelthatcomeswithallthetechnologiesyouwant,savingyoutimeshoppingforindividualsolutions. Because aUTMisflexible, youhavethefreedomtodeploymorethanonesecuritytechnologyasyouseefit.Also,aUTMcomeswithautomaticupdates,whichkeepyoursystemreadytocombatthelatestthreatsonthelandscape. CentralizedIntegrationandManagement InanormalsetupwithoutUTM,youmayhavetojuggleseveralsecuritycomponentsatonce,includingafirewall,applicationcontrol,aVPN,andothers.Thiscantaketimeandresourcesawayfromyourteam.However,withaUTM,youcanconsolidateeverythingandcontrolitallwithasinglemanagementconsole.Thismakesiteasiertomonitorthesystem,aswellasaddressparticularcomponentswithintheUTMthatmayneedtobeupdatedorchecked. ThecentralizednatureofaUTMalsoallowsyoutomonitorseveralthreatssimultaneouslyastheyimpactmultiplecomponentsofyournetwork.Inanetworkwithoutthiscentralizedstructure,whenamulti-moduleattackisoccurring,itcanbeverydifficulttopreventit. Cost-effectiveness Becauseofitscentralizedsetup,aUTMreducesthenumberofdevicesyourorganizationneedstoprotectyournetwork.Thismayresultinsignificantcostsavings.Inaddition,becausefewerstaffarerequiredtomonitorthesystem,youcansaveonmanpowercostsaswell. IncreasedAwarenessofNetworkSecurityThreats ThecombinationofaUTM’scentralizationandfasteroperationresultsinanincreasedawarenessofnetworksecuritythreats,enablingyoutoimplementadvancedthreatprotection(ATP).ThisequipsyourITteamtobettermanageadvancedpersistentthreats(APTs)andothermoderndangersonthelandscape.  TheenhancedcapabilitytoaddressthesekindsofthreatscomesfromaUTM’sabilitytooperateseveralthreatresponsemechanismsinunison,whichcombineforcesagainstthethreatsthatattempttoinfiltrateyournetwork. FasterSecuritySolutionforBusinesses WithaUTM,youcanstreamlinethewaydataisprocessedandusefewerresourcesatthesametime.TheUTMdoesnotrequireasmuchresourcesasseveralcomponentsoperatingindependentofeachother.ThehigherefficiencyyougetfromaUTMmayallowyoutofreeupresourcestobettermanageotheressentialnetwork-dependentprocesses. Next-generationFirewallsvs.UTM(UnifiedThreatManagement) Although,onthesurface,itmayseemthatthedifferencesbetweennext-generationfirewalls(NGFWs)andUTMaremerelysemantic,dependingonwhichNGFWyouuse,theremaybesomedistinctions.Tobeclear,bothsolutionsprotectyournetwork.WithaUTM,however,thereexiststhepossibilitythatyougetservicesyoudonotneed.Integratingthesewithyourcurrentnetworkcouldinvolveextrawork.ItcouldalsoresultindifficultdecisionsandachallengingsetupprocessasyoutrytoeithercombinetheUTM’sfeatureswithwhatyoualreadyhaveorpitoneagainsttheothertoascertainwhichsolutionisbetter. WithNGFWs,ontheotherhand,suchastheFortinetFortiGate,youcanchoosetoturnonthefeaturesyouneed,makingitacompleteUTMsolution.Conversely,youcanchoosetoonlyuseitasafirewalloractivatesomeprotectionsbutnotothers.If,forexample,youhaveFortiGateandchoosetouseittoitsfullcapacity,itwillalsoworkasaUTMsystem. AnotherdifferenceisthatanNGFWisaneffectivesolutionforlargerenterprises,whereasatypicalUTMmaygetoverwhelmedbythedemandsofanenterprise. HowFortinetCanHelp FortinetoffersseveralsolutionsthatgiveanorganizationthekindofprotectiontheyneedfromaUTM.FortiGateisanNGFWthatcomeswithallthecapabilitiesofaUTM.FortiGatehasanti-malwarecapabilities,enablingittoscannetworktraffic—bothincomingandoutgoing—forsuspiciousfiles.Inaddition,theFortinetUTMhasanIPSthatsecuresyournetworkagainstattackerstryingtogainafootholdwithin.Ifamaliciouselementattemptstoexploitavulnerabilityinyoursecurity,theFortiGateIPScandetecttheinvasiveactivityandstopitinitstracks. FortiGatealsocomesequippedwithdataleakpreventionsoftware,whichenablesittodetectpotentialbreachesandattemptsatexfiltration.FortiGatemonitorsyournetworkactivity,thenwhenadataleakisdetected,itblocksit,protectingsensitivedata.Theseprotectivemeasurescansafeguardthedataonendpoints,withinnetworktraffic,andwithinstoragedevices. InadditiontoFortiGate,Fortinethasanexpansivesuiteofproductsthatyoucanusetoprovidecomprehensiveprotectiontoallfacetsofyournetwork. QuickLinks FreeProductDemo Explorekeyfeaturesandcapabilities,andexperienceuserinterfaces. ResourceCenter Downloadfromawiderangeofeducationalmaterialanddocuments. FreeTrials Testourproductsandsolutions. ContactSales Haveaquestion?We'reheretohelp. AlsoofInterestSecurityandSD-WANSecuritySubscriptionsFortinetRequestaQuote ×