UTM vs NGFW

After receiving so many requests to explain the difference between a UTM (Unified Threat Management) and an NGFW (Next Generation Firewall), I came across a great video that explains it in detail and decided we should shed some light on it and help customers and partners better understand the difference.

Most customers got the information from a salesperson that they should move to NGFW because it is faster, better and newer. Well, here are a couple of points that are, as the reference video calls it, myths busted 🙂.

Performance/Speed 

Is NGFW faster? At one point, maybe, but UTM has caught up. The newest heavyweight in the UTM market, the Firebox M5600, brings a blazing 11 Gbps UTM throughput. That is the real protection businesses need against the wide variety of threats from email, web, applications, etc.

More Security

Several years ago, security pros developed a new defense that allowed IT pros to take more control over the applications that were being used. That technology was added to a simple firewall with IPS capability and labeled “NGFW.” It took about 5 minutes for UTM companies to incorporate Application Control technology into their UTM platforms.

UTMs now include Application Control and IPS as well as the following: SpamBlocker, Gateway AV, WebBlocker, Packet Filter, and Reputation Enabled Defense.

Threat                 NGFW  UTM
Spam Attack            No    Yes
Inappropriate Content  No    Yes
Virus Attack           No    Yes
Reputation Blocking    No    Yes
Application Traffic    Yes   Yes
Intrusion Attack       Yes   Yes

Enterprise is NGFW and SMB is UTM

Enterprise organizations are adopting UTM more often than in years past. They realize the benefits of consolidating security services into a single platform (management, training, energy, rack space, the list goes on). They realize that speed, efficacy, and features aren’t legitimate concerns.

When you’re evaluating technologies, ask yourself what really matters.

Deployable – Can I get the right technology implemented in time? Hundreds of thousands of new threats hit the wild every day. Getting the technology implemented quickly is often overlooked.

Usability – Can my team actually use the tools? Can I manage this thing? Technology is great, but it’s configuration error that is most commonly responsible for a breach.

Visibility (Reportability) – Can I see what’s going on? You can’t “set and forget”; you need real business/security value.

Can I use this without negative impacts on my business? Nothing is more frustrating for an employee than not being able to send an email, or get to a website, so people will disable tools that they feel are getting in the way of productivity.

Reference: WatchGuard Technologies