Comments on TaoSecurity Blog: Why UTM Will Win
Blog author: Richard Bejtlich

Richard Bejtlich, 2007-08-24 09:23 (-04:00):

riconeo,

That's all I have. I suggest asking the magazine directly.

Anonymous, 2007-08-24 09:20 (-04:00):

Hi Richard,

Do you have a bigger size UTM chart? I'm looking for it for quite some time now.

Pls email it to riconeo at gmail dot com

Thanks! :)

Richard Bejtlich, 2007-04-30 14:10 (-04:00):

Hoff,

I see UTM as the last step before everything ends up in the switch. In the figure at the top, the end of the line will be the switches/routers and nothing else.

Anonymous, 2007-04-28 21:16 (-04:00):

@Rich:

I want to understand whether or not this perspective on "UTM" is an evolution of thinking on your part or a change of heart as it relates to the following statement you've made:

"It seems as though all network security functions are going to collapse into the devices which carry traffic -- switches."

...are you suggesting that switches are going to be(come) UTM devices? I've always understood your position to be quite literal inasmuch as ALL security will go into the switch and while Cisco may not call their products "UTM," devices such as the ASA are trending toward it.

Interesting comments, for sure.

@Daniel:

Not every UTM architecture suffers from the issues you describe. The market definition of "UTM" (the SME/SMB perimeter solutions) certainly falls into this space and these limitations.

Others do not.

/Hoff

Bunda Pakistani, 2007-04-19 07:15 (-04:00):

The sad fact is that even Cisco has jumped on the UTM bandwagon with its ASA series.

Anonymous, 2007-04-19 02:15 (-04:00):

good points. it's also turning into a nasty sales strategy. want vpn or anti-malware? hey, it's already in the box you bought as a router or firewall. look how "inexpensive" it is versus buying a whole new piece of equipment. so you may effectively be paying a lot more for something than you should be, to support the UTM sales strategy that hopes you will one day need the other licenses. conversely, if you spec out a box as single-purpose, when you agree to license the other features you may find that it just can't handle the load and you'll need a replacement or sister device anyway.

jbmoore, 2007-04-18 21:01 (-04:00):

One thing I've learned working for an Enterprise is that you can't always trust your vendors or their products. Daniel Cid makes a good point that it might work for SMBs, but not big firms. One product we bought into works fine for small networks, but chokes on huge networks. The finger pointing goes on about who's to blame, but when it comes down to it, my bosses were at fault for believing the vendor's claims without thorough testing and the vendor is at fault for not fixing their product to work for us. Fancy graphics and charts look nice, but you really want to see test cases that reflect your environment and not an idealized test lab situation, or comparisons with similar products. I think that your assertion to use collectors for forensics is an excellent way to verify your network design, security and architecture.

Anonymous, 2007-04-18 16:02 (-04:00):

Hi Richard,

UTM has some great advantages, but I would never want to have a single point of failure like that. Just imagine a bug in my virus scan (like the last clamav vulnerability), crashing my firewall, ids, mail scan and disrupting my whole network.

UTMs are good for small networks with a tight budget, but medium/large enterprises can't have a single point of failure like that.

*I didn't even mention defense in depth or privilege/process separation... :)

Daniel