Attacks/Breaches

5/9/2013
11:10 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Unified Threat Management Vendors Don't Excel

Our survey shows users aren’t fond of UTM appliances.

We asked IT professionals who've used or evaluated unified threat management products to tell us about their performance and features in our latest vendor evaluation survey. The upshot? Few are enthusiastic about the performance of these appliances.

UTM appliances incorporate a dedicated firewall, a URL filter, a standalone network malware-detection system and more into one device. Users just need the appliances to be good enough, while they get cost savings from not having to buy multiple threat management tools.

chart: UTM Overall Vendor Performance

Our 183 survey respondents rated five UTM vendors -- Check Point Software, Cisco Systems, Dell SonicWall, Hewlett-Packard and Juniper Networks -- on overall performance, which included reliability and acquisition costs, and on specific features.

Cisco, Juniper and Dell had top overall performance scores of 75%. Check Point was close behind with 74%, and HP 72%. If this were a school report card, these vendors all have C averages.

Respondents rated reliability and performance as the two most important features (averaging 4.6 and 4.5, respectively, on a 1 to 5 scale, with 5 being "very important). No surprise there. The one surprise is how low product innovation scored, landing No. 8 out of 10 criteria. Given the rapid innovation in malware vectors and zero-day threats, it's odd that UTM product innovation isn't a priority.

On specific performance criteria, almost all of the scores fell somewhere in the mid-3 range. Cisco stands out with both the lowest score for any product category (a 3.1 in acquisition cost) and the most scores of 4.0 or better (breadth of product line, performance and reliability). Check Point had performance and reliability scores of 3.9, and a 3.3 acquisition cost score. Given that reliability and performance are the criteria rated most important, it seems that Cisco and Check Point are targeting customers' needs well, but at a price.

Price-conscious buyers should take a look at Dell SonicWall and Juniper, each of which rated most favorably on acquisition cost, at 3.7. Both companies are known for offering reliable products. Dell tied Check Point's scores in performance (3.9) and reliability (3.9) while topping Check Point in breadth of product line (3.8), post-sales support (3.7), service innovation (3.6) and acquisition and operational cost, both at 3.7.

chart: Vendors Face Off
Jack Of All Trades

When asked to rate 12 UTM features on their relative importance, respondents say anti-malware, high availability for failover, central management and URL filtering are most desirable. The lowest score for a particular UTM feature was a 3.5 for Juniper's ICAP integration and the highest was a 4.2 for Juniper's HA and Cisco's VPN termination features. In general it seems as if each of the UTM products did at least acceptably well for each evaluation.

We also break out respondents' evaluations of vendors' performance around individual features. It's worth noting that Dell SonicWall earned ratings of 4.0 or 4.1 in six individual categories, the most among the vendors evaluated. Check Point and HP each had five categories with ratings of 4.0 or higher.

UTM products do most things well enough, without excelling in any area. Which you go with depends on your risk profile, industry, budget and IT expertise.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Want Your Daughter to Succeed in Cyber? Call Her John
John De Santis, CEO, HyTrust,  5/16/2018
Don't Roll the Dice When Prioritizing Vulnerability Fixes
Ericka Chickowski, Contributing Writer, Dark Reading,  5/15/2018
New Mexico Man Sentenced on DDoS, Gun Charges
Dark Reading Staff 5/18/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "Security through obscurity"
Current Issue
Flash Poll
[Strategic Security Report] Navigating the Threat Intelligence Maze
[Strategic Security Report] Navigating the Threat Intelligence Maze
Most enterprises are using threat intel services, but many are still figuring out how to use the data they're collecting. In this Dark Reading survey we give you a look at what they're doing today - and where they hope to go.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-8142
PUBLISHED: 2018-05-21
A security feature bypass exists when Windows incorrectly validates kernel driver signatures, aka "Windows Security Feature Bypass Vulnerability." This affects Windows Server 2016, Windows 10, Windows 10 Servers. This CVE ID is unique from CVE-2018-1035.
CVE-2018-11311
PUBLISHED: 2018-05-20
A hardcoded FTP username of myscada and password of Vikuk63 in 'myscadagate.exe' in mySCADA myPRO 7 allows remote attackers to access the FTP server on port 2121, and upload files or list directories, by entering these credentials.
CVE-2018-11319
PUBLISHED: 2018-05-20
Syntastic (aka vim-syntastic) through 3.9.0 does not properly handle searches for configuration files (it searches the current directory up to potentially the root). This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to ...
CVE-2018-11242
PUBLISHED: 2018-05-20
An issue was discovered in the MakeMyTrip application 7.2.4 for Android. The databases (locally stored) are not encrypted and have cleartext that might lead to sensitive information disclosure, as demonstrated by data/com.makemytrip/databases and data/com.makemytrip/Cache SQLite database files.
CVE-2018-11315
PUBLISHED: 2018-05-20
The Local HTTP API in Radio Thermostat CT50 and CT80 1.04.84 and below products allows unauthorized access via a DNS rebinding attack. This can result in remote device temperature control, as demonstrated by a tstat t_heat request that accesses a device purchased in the Spring of 2018, and sets a ho...