Welcome to How To Secure Your SMB Network! This is part 2 of a 9 part series that discusses our approach to Network Security and how we secure client networks. As you will see there are many facets that go into creating a secure network. Think of it as a puzzle with each piece playing an important role. The days of installing Norton Anti-Virus on your computer and thinking you are safe are over.
What is a UTM Gateway
UTM stands for Unified Threat Management. The idea is to block security threats before they enter your network. Traditionally a network gateway his consisted of a Router and Firewall while the workstation would handle AntiVirus, AntiSpam, Web Filtering and other security functions. A UTM Gateway combines a Router, Firewall, Anti-Virus, Anti-Malware, Intrusion Prevention, Content and URL Filtering, etc. into one device. This device analyzes incoming network traffic before it enters your network and can throw out suspect data before it has chance to infect your computers. Many UTM’s can also handle remote access needs, such as SSL VPN.
Let’s create an analogy incorporating Airport Security. The TSA checkpoint would be your UTM Gateway. Passengers go through a screening process before they can enter the boarding area, just as data goes through a screening process at the UTM Gateway before it can enter your network.
How Does a UTM Work
All data that is entering your network must pass through the Gateway. A UTM Gateway processes this data and then decides whether to allow it to enter the network. The Anti-Virus and Anti-Malware functions will look for viruses and malware in the incoming data. If it finds anything suspicious it will prevent the data from entering the network. The Content and URL Filtering functions look at where the data is coming from and makes a determination if that is a safe location. This can also be used to block access to certain websites, or categories of websites. Websites that are known to serve Malware and other malicious code are blocked as well. The Content and URL filtering function can also prevent outgoing traffic from sending data to malicious websites. Many of the Ransomware infections that are in the news today require that the infected computer contact an outside server to download an encryption key. If that server is unreachable due to Content and URL filtering, the Ransomware program is unable to encrypt your files.
Most UTM’s have an annual subscription or license that gives you access to security updates for your UTM. These updates are similar to the Anti-Virus and Anti-Malware definition updates that frequently install on your computer. The UTM vendors are constantly providing updates of new viruses, malware, and malicious websites in an effort to keep the latest threats from entering your network.
What to look for in a UTM
When purchasing a UTM there are many factors to consider.
- Remote Access and VPN capabilities
- Annual Subscription fees for the updates (Your UTM will quickly lose functionality without current definitions)
- Processing power, how much data can the device analyze and pass through to your network. This is of particular concern on larger networks or very fast internet connections.
- Wireless capabilities
- Capabilities of the vendor’s security labs, how quickly can they provide updates when a new security threat is identified.
How To Secure Your SMB Network – E-Book
This is the second part of a nine part series that details How To Secure Your SMB Network. Every Wednesday we will post a new section that gives details and examples on how Banks Technology Services secures out client’s networks. We have compiled all of this information into into an EBook which you can download for free. The E-Book contains additional information, real world examples, and is updated as new technology emerges. To receive your FREE copy, head on over to the How To Secure Your SMB Network page.