In this article
A firewall is only one piece of the business security puzzle. To bolster your defences, you need to embrace the more holistic approach of Unified Threat Management.
The original concept of a firewall was simply to stop hackers sneaking into your business via your internet connection, the same way you might watch for unwanted guests walking in through the front door. This approach certainly helps neutralise some attacks, but these days you need to do more to protect your business from every threat coming from both outside your business and within.
The next step up was to embrace IPS (Intrusion Prevention Systems), which could intelligently scan network activity in real-time, on the lookout for suspicious activity. They go beyond the idea of “intrusion detection” and take immediate action to protect your business, based on the rules you set. For example, rather than simply taking note of a malicious-looking incoming data packet, IPS would drop that packet and then block all further traffic from that source until the issue could be investigated.
More advanced IPS can look beyond individual packets at the big picture, studying traffic patterns in search of the tell-tale signs of malicious activity. At this point your security measures are not just designed to stop threats getting in from the outside world, but they’re also monitoring for threats that lurk within your business.
Rather than simply placing a guard on your office door to check the ID of people walking in and out of your office, you might think of IPS as a network of guards who patrol the building with a watchful eye for anything that looks suspicious.
Of course, the best defence strategy is to employ multiple layers of defence, such as anti-virus, anti-spam, URL content filtering and web application controls, which offer granular control over specific operations within a web page.
At this point you can end up with a lot of security guards wandering your office halls, stepping on each other’s toes yet still perhaps missing the big picture. That’s why it’s important to take a coordinated approach, which is where Unified Threat Management (UTM) comes in.
Unified Threat Management isn’t one more security guard to roam the halls; rather, it’s a technique for overseeing all your security measures and managing them all from a single, simple-to-use network appliance. While UTM takes much of the hassle out of managing a coordinated approach to business security, it also offers access to advanced analytics and activity reporting so you can keep a close eye on exactly what’s happening within your organisation without trawling through reams of activity logs.
At this point all your security efforts are working in unison, offering a range of benefits. A UTM appliance can reduce the number of security incidents and improve your ability to deal with them while minimising network latency, plus it can streamline the rollout of new security capabilities while helping to reduce the infrastructure, software and human resources required to maintain your security.
Unfortunately, these days the greatest business security threats can come from within – perhaps inadvertently, perhaps not. The analytics and reporting tools offered by UTM can help you enforce ICT policies within your organisation as well as protect your intellectual property. This way you can ensure the staff you trust to handle sensitive information deserve that trust.
Unified Threat Management isn’t a magic bullet to solve all your security troubles, instead it’s a powerful tool to ensure all your defences are working in unison to protect your business from the myriad of threats both outside the office walls and within.