MODEL#

T-500

Unified Threat Management:

A Modern Solution to a Modern
Problem
Whitepaper

www.seqrite.com
Table of Contents Introduction
1. Introduction 01 Cybersecurity is one of the most serious problems SMBs and enterprises today are grappling with.
2. Current methodologies for handling cyber threat Data and information security is a constant struggle for them. Companies have to keep their
and where they fail 02 businesses running and also secure their own as well as their customers’ data from breaches.

3. Understanding Unified Threat Management 03 In recent times, cyber threats have multiplied in their frequency, intensity, and sophistication. It has
become no easy task for the CISOs to ward off the cyber attackers and keep their data secure, and
4. An Effective Unified Threat Management Solution:
Seqrite Terminator 05 they have to turn to newer and more comprehensive means to achieve this goal.

5. Summary 06 The traditional ways of securing applications and infrastructure involved the use of firewalls and
protection mechanisms for different kinds of threats, through discrete functions. UTM changes all
that, by employing a single appliance that performs various security functions. This whitepaper
examines how to implement a UTM solution effectively.

Unified Threat Management - Whitepaper 01

 Current methodologies for handling cyber threat and
where they fail
Internet Traditional point solutions, which are installed to solve major threats and productivity issues, are often
difficult to deploy, manage, and update. This increases operational complexities and overhead costs.
The traditional point solution approach leads to disadvantages, such as the deployment of reduced
security and inferior policies at remote locations as also the fact that Endpoint Security is the last
bastion of security as compared to perimeter security provided by UTM.
Router
In this kind of protection mechanism, there are multiple devices which perform the individual security
functions like firewall, VPN, intrusion detection, intrusion prevention, WAN acceleration, content filtering,
antivirus and antispam. These devices could be dedicated hardware appliances or software running on
servers.
Some key issues with traditional threat management are listed below:
» Having multiple devices to manage means they must be administered separately, and there is no
Firewall correlation between the activities indicated by the discrete boxes.
» There is a need for different staff roles, with people trained on the various technologies. Some might
come from multiple vendors thereby adding to the overall cost and difficulty of managing the
security.
Switch
» All the devices will have to be kept up to date by installing the latest security patches from the
various vendors, and this requires additional effort and continuous vigil from the security
department. Also, a most recent patch on one device may break the other, so they all have to be in
perfect sync!

IDS/IPS » Having multiple devices also takes up more rack space at the data center, and leads to greater
VPN Server
power consumption, which might not be in alignment with the organization’s green initiatives.

Overcoming all these drawbacks and responding better to the challenging security environment of
WAN Optimizer
today has been a top worry of CISOs across the industries. Today organizations may rely on an
integrated approach to network security and productivity that combines the traditionally disparate point
technologies into a single manageable entity.
Content Filter
Unified Threat Management, or UTM for short, is being employed widely today and has proven to be a
solution for most of these challenges. Let’s look at what Unified Threat Management is and how it
addresses the problems of the legacy ways of managing the organization’s security.

Unified Threat Management - Whitepaper 02

 Understanding Unified Threat Management
A Unified Threat Management System provides SMBs and distributed enterprises with a single box to manage
Internet multiple security functions. UTMs, which are typically purchased as a single network appliance, or as a single
cloud-based service, provide various security features. It includes firewall, intrusion detection and prevention,
identity- based access control (as opposed to IP-based), anti-virus, spam-filters, content filtering and VPN
capabilities in one integrated package that can be easily installed and updated. Advanced UTMs can also provide
additional functions like secure wi-fi hotspots, load balancers and much more.

UTM

What are the features provided by a UTM Solution?

A Unified Threat Management Solution usually provides the following features:

Switch Single pane of glass reporting and control: UTM covers all aspects of security management across the network and
applications, from one place.
Firewall: It provides firewall protection to block and selectively allow trusted packets and connections from external
networks. The firewall action is of two types: stateful and stateless. A stateless firewall examines each packet
header and selectively allows or blocks it according to policy. But a stateful firewall is application aware; it
Corporate Servers recognizes legitimate and illegitimate flows and connections, and decides based on this awareness as well as the
policy. Stateful firewalls are more powerful and effective, but they come at the cost of speed. A stateless firewall is
simple but fast. The decision must be taken to implement the right firewall action depending on the threat perception
and the ‘need for speed’.
IDS and IPS: Intrusion Detection and Prevention Systems scan the system and network for abnormal and
anomalous activities and flows. They detect possible or actual security breach attempts, prevent violations and help
Client PCs isolate compromised systems.
VPN service: A Virtual Private Network allows remote connections from users outside the company’s network, and
Fig 2: How UTM simplifies the network by aggregating is used for inter-office communications across campuses. They offer tunneling through the Internet through secure
multiple security functions encryption.
Content filtering: It prevents employees from accessing potentially hazardous content on the Internet. The same is
also governed by policies, for example, access policy concerning the risk profile of the specific employee groups.
Gateway intercept: This feature of the UTM solution protects and isolates network from virus and spam

Unified Threat Management - Whitepaper 03


Security breaches usually entail more
recovery efforts than acts of God. Unlike
proverbial lightning, breaches of security
can be counted on to strike twice unless
the route of compromise has been shut off.
- FedCIRC
Advantages of Unified Threat Management Systems
Unified Threat Management offers several advantages over the traditional multi-box method, for
securing the business. Let us examine the most important ones below.
Hardware Consolidation: With UTM, multiple devices are consolidated into one appliance or one
cloud-based UTM service. It reduces the data center clutter and consequently the carbon footprint as
well. It also makes the system easier to monitor and manage.
Single Vendor Management: Managing the support and licensing is greatly simplified if you have to
dela with only one vendor. UTM provides this advantage and there is no possibility of buck-passing
between multiple vendors.
Managing Blended Threats: Blended threats involve simultaneous attacks through phishing mails,
virus/malware/DDoS attacks, IOT based attacks and so on. With a single appliance controlling all the
functions, the threats can be correlated and addressed in a unified manner.
Simplified Patch Management: Loopholes need to be patched on a regular basis, and with UTM a
single unified patch is applied across the services, making it simpler and more effective in reducing
lapses to laxity in patch management.
Cost Reduction: Having a single box to manage ultimately leads to lower TCO for the buyer.
Drawbacks of UTM and how to overcome them
We have seen that UTM offers multiple advantages and leads to enhanced security management for
the SMBs and enterprises. However, they suffer from a drawback which is -'Single Point of Failure’. If
having a single box is an advantage of UTM, the same acts as a flip side of the system as it becomes a
single point of failure.
As an active mitigation for this drawback, companies are installing not one but two UTM appliances -
in failover mode. It ensures that even if one of the appliance fails, the other takes over seamlessly,
including the status of the connections and flows in case of stateful firewalls and so on.
Unified Threat Management - Whitepaper 04
 An Effective Unified Threat Management Solution:
Seqrite Terminator
Terminator is a UTM product from Seqrite, a premium provider of enterprise and SMB security
solutions. Seqrite Terminator is a high-performance, easy-to-use Unified Threat Management
(UTM) solution for small and mid-size companies. The new collaborative platform architecture
brings network security, management, backup and recovery of UTM data, and many other
critical network services together under a single unified umbrella. TERMINATOR is tailored to
suit the complexity of emerging threat scenarios. This fully integrated product is a simple and
smart way of replacing multiple security programs with one solution.
A security solution can be deployed very quickly using the Seqrite Terminator product, as
shown in the figure below:

The top features of the solution are as follows:

» Easy deployment and management.
» Plug-and-play solution without manual intervention or changes.
» Detects and prevents intrusion and protect networks from hackers who can sneak into the
system.
» Allows multiple ISPs to be used by TERMINATOR.
» Automatically diverts data traffic from inactive ISP to active ISP lines
» Administrators can control access to applications by configuring rules.
» Provides comprehensive logging and reporting with a user-friendly web-based
configuration.
» Easily available customer support and consultation with single vendor contact point.

Figure 3: Unified Threat Management using Seqrite Terminator

Unified Threat Management - Whitepaper 05

Summary
Traditional security management solutions using discrete components are harder to
manage, have a wider data center footprint, and suffer from a lower end to end visibility. To
deal with the mushrooming and ever more vicious cyber threats, which include blended
threats, a Unified Threat Management System is the need of the hour. UTM provides
enhanced features at a lower price point, reduced complexity, more effective risk
management against blended threats, and is in general equipped to deal with the
tremendous speed at which newer threats are emerging. SMBs and Distributed enterprises
must make use of this improved and integrated method of managing the security of their
business to ensure that their business continues to flourish, uninterrupted.

Unified Threat Management - Whitepaper 06

 Seqrite is a world-class Enterprise Security brand defined by innovation and simplicity. Our solutions
are a combination of intelligence, analysis of applications and state-of-the-art technology, and are
designed to provide better protection for our customers.
Expanding international presence Seqrite is backed by Quick Heal’s cutting-edge expertise of producing cybersecurity solutions for
over two decades. Our products help secure the networks used by millions of customers in more
than 80 countries.

Experience the best-in-class solutions offered by

USA
Seqrite and how they can address the security
JAPAN UAE KENYA
Quick Heal Technologies
America Inc.
Quick Heal Japan KK.
Quick Heal Technologies
(MENA) FZE
Quick Heal Technologies
Africa Ltd. challenges of your enterprise. Boost your cybersecurity,

Request Demo
Certifications
Quick Heal Technologies Limited
TOP PRODUCT

Corporate office: Marvel Edge, Office No. 7010 C & D, 7th Floor,
17
/20

Viman Nagar, Pune - 411014, India.

06

Support Number: 1800-212-7377 | info@seqrite.com | www.seqrite.com

All Intellectual Property Right(s) including trademark(s), logo(s) and copyright(s)

are properties of their respective owners. Copyright © 2017 Quick Heal Technologies Ltd.
All rights reserved.

Unified Threat Management - Whitepaper 06