We are in the infancy of unified threat management (UTM). Manufacturers have tried to provide an all-in-one solution, but it seems best of breed is the most effective. It is hard for a manufacturer to specialise in UTM, which may be why Symantec left the market.
The sticking point of best of breed is how to provide the unified aspect of UTM. This, of course, depends on the vendor; some are just buying in and bolting on solutions. This approach allows suppliers to offer a UTM service of sorts, but the reality is that they provide consolidation of services, not unification. However there are those using various applications to create a truly unified product, which is surely the ultimate intent.
It seems that some customers are trying to reduce the management costs of implementing UTM by staying with a manufacturer simply because that is what they know. So they take on the UTM solution provided by the manufacturer they currently use as they will not have the same learning curve as they would if they swapped to a new supplier.
However, swapping would be easy with a managed service. There is no learning curve, as the MSP will install, configure and maintain the solution. The client can then choose the best security solution based on the technology and service rather than on perceived ease of use, which is not a good measure.
A manages service gets around another problem: UTM devices are more complex than the firewalls they replace. Given that the NTA Monitor said firewalls were badly configured in most systems, it wouldn't be a surprise to find that many UTM systems, however good, suffer the same fate. The systems require a clear understanding of each component; most IT managers do not have the time for this. So if there is a conflict between an application and the security system, security loses. This can only be sorted out by those who know the system back to front.
Another good reason for UTMs is in-depth defence. Too many companies rely on a single AV platform and do not plan protection around layered defence. Threats over the internet travel faster than by laptop, so a good UTM device will provide valuable protection during the time it takes to protect desktops.
The bottom line is: do UTM systems give better defence than the traditional methods? Absolutely. A good solution is truly integrated and will scale, while keeping its unity.
UTM is hard to do well, but a truly integrated, unified system will give better protection and value than separate products. We should not ignore its potential.