What's the utm security gateway Unified Threat Management (Unified -- kyoui Management), in September 2004, IDC is put forward for the first time "Unified threat management "The concept of the anti-virus, intrusion detection and firewall security equipment as Unified Threat Management (Unified -- kyoui Management, UTM) new category.IDC will antivirus, firewall and intrusion detection fusion in a new category called unified threat management, the concept caused the wide attention in the industry, and promote the integrated type safety equipment as representative of the birth of market segmentation.
UTM by IDC refers to the composed of hardware, software and network technology has a special purpose equipment, it is mainly to provide one or more of the security features, integrate a variety of security features on a hard, a national standard unified management platform.From this definition, IDC, puts forward the concrete forms of UTM product already, and covers more profound logic category.From the point of the first half of definition, put forward by the numerous security vendor integration of multi-function security gateway, integrated security gateway, safety equipment and other products can be classified to UTM product category;And in the later half of the run, the concept of UTM is reflected in the information industry after years of development, the overall understanding of safety system and a deep understanding.
currently, UTM is often defined as consisting of hardware, software and network technology has a special purpose equipment, it is mainly to provide one or more of the security features, and integrate a variety of security features in a hardware device, form the standard of unified threat management platform.UTM equipment should have basic functions including network firewalls, network intrusion detection/prevention and gateway anti-virus capabilities.
although the UTM integrates a variety of functions, but not necessarily at the same time open.According to the different needs of different users and different network scale, UTM products are divided into different levels.That is to say, if the user needs at the same time open a number of functions, you need to configure high performance comparison, function more rich products.
1. Basic characteristics to build a higher, stronger, more reliable wall, in addition to the traditional access control, firewall should also to anti spam, denial of service, hacker attacks and other such external threat of heald detect network protocol layer of defense.Real security can't stay on the ground floor, we need to form the effect of governance, can realize the agreement to protect, but are not limited to two to four layers.
2. Should have high detection technology to reduce false positives.As a serial access gateway device, once high false positives, is a disastrous consequences for users, IPS is a typical example.The classification of high technical threshold detection technology can greatly reduce the rate of false positives, therefore, according to different attacks, should be taken to effectively integrate different inspection technology can significantly reduce the rate of false positives.
3. Should have high reliability, high performance hardware platform support.For UTM era of firewall, the network security at the same time, also can't become the bottleneck of network applications, the firewall/UTM must with high performance, high reliability of the special chip and dedicated hardware platform to support, in order to avoid the UTM device reliability in complex environment and poor performance of the threat of normal operation of the core business to users.