Slashdot Mirror

← Back to Stories (view on slashdot.org)

Testing So-Called 'Unified Threat Managers'

Posted by Soulskill on from the ain't-no-silver-bullet dept.

snydeq writes "The InfoWorld Test Center has released vulnerability testing results for four so-called 'unified threat managers' — single units that combine firewall, VPN, intrusion detection and prevention, anti-malware, anti-spam, and Web content filtering in lieu of a relay rack stuffed top to bottom with appliances. The lab threw nearly 600 exploits of known vulnerabilities in a wide range of popular OSes, applications, and protocols, and despite being designed to thwart such threats, the UTMs as a class allowed hundreds to pass through. Why did the UTMs miss so many exploits? A lack of horsepower to perform the necessary deep packet inspection under load is suspected, as the lab pushed the limits of each unit's throughput with legitimate traffic. 'The upshot is, although the vendors have packed these devices with additional gateway security functions, clearly many UTMs are still strictly firewalls at heart.'"

5 of 98 comments (clear)

  1. Strange by Reason58 · · Score: 4, Insightful

    Focusing on doing one thing well yields better results than trying to do everything. Who'd have thought?

  2. Re:Uhm? by a-zarkon! · · Score: 4, Insightful

    It's the Ron Popeil/Billy Mays/Home Shopping Network sales pitch for IT Security: "It's a firewall, it's an intrusion prevention system, it will filter your web connections, it even provides anti-virus. But wait! It also acts as a router, and it even has a built in gigabit switch module. Now - how much do you think you're going to pay for this? Not $20,000 - not $15,000, not $10,000; no - all this can be yours for the low low price of $9995.95...."

  3. Flawed by Design. by canipeal · · Score: 5, Insightful

    The notion of having a single point of failure "security" device contradicts one of the primary foundations of security principle: Defense In Depth. Multiple layers of security is essential in safe guarding your systems, placing them all one one unit is nothing short of moronic.

  4. Re:No Cisco product? by vlm · · Score: 5, Insightful

    Could you point us to something with more in-depth information, by all means.

    Your interpretation was backwards. He's looking for less because it's expensive.

    When purchasing a $200 graphics card in a corporate environment, the technical staff will read 200 page technical documents, search google for hours, write reports, run simulations, justify the upfront cost vs long term labor savings, basically spend at least a grand or two of labor costs to pick the best $200 card.

    However, when purchasing a $30K "buzzword of the month" the decision will be made at a high level by a manager whom is proud of being non-technical based on:
    1) What they saw on CSI and/or 24 last night, or maybe Obama's latest speech.
    2) Whom has the scariest marketing material (buy this expensive magic widget or you be p0wned)
    3) How much he enjoyed the sporting event the sales exec took him to, or how much he enjoyed the sales exec in general.
    4) The cheapest, or the first one he saw in a magazine, or perhaps a brand that will offend one of his enemies (you know, like he hates the guy who happens to love Cisco products, so if the enemy of my enemy is my friend, then ...)

    --
    "Science flies us to the moon. Religion flies us into buildings." - Victor Stenger
  5. Re:No Cisco product? by DontBlameCanada · · Score: 4, Funny

    "Nobody ever got fired for buying Cisco", right?

    I know someone who did. They worked at Nortel and bought Cisco routers for the lab...

    Not the sharpest tool in the shed.