Product Group Tests
Unified threat managers (2013)
Best Buy: eSoft InstaGate 604
Recommended: Sophos UTM 220 & WatchGuard XTM 830
Full Group Summary
UTMs - unified threat managers - have been with us in one form or another for some time. The earliest ones were multipurpose appliances and really were little more than a group of point solutions to various security challenges packaged in the same server-grade appliances. Somewhere along the line, the term UTM was coined and, along with it, came a sort-of definition: UTMs had to have a firewall, anti-virus and a VPN. The next step was to start adding all sorts of gateway-applicable functionality - back to the multipurpose boxes - and now definitions seem to be drifting back to the original, more structured UTM description.
Today, we can pretty much trust Gartner when the analyst group tells us that a UTM has: 'firewall/intrusion prevention system (IPS)/virtual private network, secure web gateway security (URL filtering, web anti-virus) and messaging security (anti-spam, mail AV)'.
However, even Gartner admits that we are still in the 'point-solution-in-a-box' mode. The types of functionality described in the most current credible definition subsume most information security functionality anyway. That begs the question: How unified is unified? Judging by this year's crop of UTMs, pretty well unified.
The notion of the individual parts of a UTM working well together is sort of an expected goal. Over the course of UTM history, playing cooperatively with others was equally desirable, but somewhat rarer than it is today.
We saw quite a range of possibilities in this year's batch. First, there are some indications that a large part of what makes a UTM what it is, is stabilising. That suggests maturity. The user interfaces are about the same as we are used to - with a bit of refinement in dashboards, perhaps - and the integration of functionality continues to improve.
We saw noticeable improvement in two specific areas: defence in depth and new functionality. UTMs have often been criticised - certainly by me - as killing defence in depth since they place all of the security eggs at the perimeter in one basket. That is not necessarily true anymore. Now we are seeing good integration with client-side protection, especially in anti-malware.
The second area - functionality - is growing as well. One of our reviewers observed that this year's batch seems to be heading towards the 'super appliance' that does everything security in a single box. While we didn't see any of these super boxes this year, we did see some that are clearly heading in that direction. The added functionality is not radical, either. It is refinement of what the traditional UTM has, certainly of the UTM as defined today by Gartner.
As you make your decisions about which of these merit further attention, though, remember that at SC Labs we don't do shoot-outs. The products are not compared against each other. They are tested and graded on their own merits. What this means to you is that there may be a product that has exactly the feature set you want, we liked its performance, but it is a bit pricey. If price is much less a consideration than the other factors, this might be just what you need - even though it might not have gotten our Best Buy this month.
This is more important in UTMs because of the wide range of available functionality offered. In UTMs, functionality and performance to published specs are king and queen. If the device won't do exactly what you need - assuming, of course, that anything can - it is not worth following up even if it is a five-star value for the money. While that is always true to some extent with our products, we see it most often in multi-function products, such as UTMs.
So, with all of that in mind, we commend our current crop of tools to your consideration. This is a large group - it almost always is - and the competition is fierce. However, we believe you will likely find answers here, even if you don't find the perfect product.
All Products In This Group Test
- aXsGuard Gatekeeper
- Check Point Threat Prevention Appliance
- Cyberoam CR2500iNG
- Dell SonicWall NSA E8510
- eSoft InstaGate 604
- Gateprotect GPZ 5000
- Kerio Control v7.4
- Netgear ProSecure UTM25S
- Panda GateDefender Integra eSeries eSB
- Sophos UTM 220
- WatchGuard XTM 830
- Wedge 1005G Anti-malware Gateway