Ask whether the UTM does stateful inspection and deep application inspection. Some cheap devices still only do basic packet inspection, while reliance on signature-based protection is extremely processor intensive.
Ask whether you need all the functions in a UTM. A solution that contains a high number of functions may be more expensive, or more processor intensive, than one that contains just the functions a customer needs. WatchGuard UTMs, for example, let you add functionality as you need it, which is a huge benefit.
Consider what the performance is like in the real world, with all the relevant functions switched on. Most suppliers provide throughput statistics. However the majority of those statistics are for firewall and VPN throughput only; or suppliers may quote performance for a specific function, such as anti-virus, and the quote is with all other functions switched off.
In the real world you are going to switch on some or all of the additional functions. A significant percentage of UTM devices don't scale well and performance can fall off rapidly with additional functions switched on. Major players such as WatchGuard and Check Point have solutions that perform extremely well in live environments.
Does the UTM use use silo-based or integrated solutions? The ability to grow with your requirements is clearly associated with the ability to scale. Where solutions are built up of multiple components that aren't integrated, good traffic is often repeatedly processed, which seriously impacts performance.
Sizing is an important issue to consider. You want a solution that will still be performing in 18 months time. Consider solutions such as those from WatchGuard and Check Point which are performance upgradeable in the rack.
Look at support costs, as there can be significant variations between suppliers.
What is the centralised management capability? Look for solutions which provide good, low cost centralised reporting and management. Vendors such as WatchGuard and Check Point can provide this.
Ian Kilpatrick, the author, is chairman of Wick Hill Group plc, specialists in secure infrastructure solutions for ebusiness. Kilpatrick has been involved with the Group for over 30 years and is the moving force behind its dynamic growth. Wick Hill is an international organisation supplying most of the Times Top 1000 companies through a network of accredited resellers.
Kilpatrick has an in-depth experience of computing with a strong vision of the future in IT. He looks at computing from a business point-of-view and his approach reflects his philosophy that business benefits and ease-of-use are key factors in IT. He has had numerous articles published in the UK and oveseas press, as well as being a regular speaker at IT exhibitions.
CRN 2008 channel awards winnder of '
Channel Personality of the Year', he is never afraid to voice his opinions on all aspects of the industry and on IT security issues in particular. He has an in-depth experience of computing with an excellent understanding of the industry from the vendor, distributor, reseller and end user point-of-view.
He has a strong vision of the future in IT and IT security. His approach reflects his philosophy that business benefits and ease-of-use are key to successful infrastructure deployment.