Comments on: Unicorns, Pixies, and Enterprise UTM

By: Palo Alto Networks Research Center » Is UTM an Enterprise Product?

Palo Alto Networks Research Center » Is UTM an Enterprise Product? — Wed, 10 Feb 2010 20:44:11 +0000

[...] Greg Young of Gartner blogged about Enterprise UTM’s, comparing them to Unicorns and Pixies. I could not have agreed more with [...]

By: Marcelo Mayorga

Marcelo Mayorga — Mon, 07 Dec 2009 23:32:52 +0000

[...] The unicorn-solvent is email anti-virus: if they mean to propose doing email anti-virus on the firewall then good luck with meeting your firewall latency SLAs [...]

As I see it, anyone that implements e-mail anti-virus is expecting latency for that traffic. That’s true if you configure it in your UTM as it is for an standalone AV appliance. In both cases e-mail traffic is going to be inspected for AV so… wait for it.

For traffic different than email you don’t expect any additional latency, since you’re not enforcing AV inspection on it. Not all UTM’s configurations are based on the “all or nothing” concept. Actually, I’ve seen many UTM products with much more granularity than pure Firewall, IPS, AV, etc.

By: Word Massaging, Security Vendor-Style

Word Massaging, Security Vendor-Style — Fri, 13 Nov 2009 17:08:02 +0000

[...] UTM” sounds better than….(see Greg Young for details) Share and [...]

By: Does religion blind our technology decisions? | Fortinet FortiGuard Blog

Does religion blind our technology decisions? | Fortinet FortiGuard Blog — Wed, 21 Oct 2009 19:40:39 +0000

[...] Can we not draw a parallel between this example with new security products and solutions? Yes, I don’t doubt that there are some customers that are not ready for the convergence of an integrated security solution (aka UTM), but there are many customers who are ready and a UTM solution is right for them. ”Evangelists” are merely doing the industry a disservice by saying “NO! You might like the idea, heck you might even like the product and can derive significant benefit from it…but you are an ENTERPRISE! Send that box packing on that Unicorn riding Pixie it rode in on.” [...]

By: UTM Systems for Enterprise Security Debated : Information Security Resources

UTM Systems for Enterprise Security Debated : Information Security Resources — Tue, 13 Oct 2009 23:48:20 +0000

[...] is titled: Unicorns, Pixies, and Enterprise UTM, and says in part: At Gartner, we haven’t seen enterprises shifting to using UTMs or SMB [...]

By: Greg Young

Greg Young — Tue, 06 Oct 2009 17:49:35 +0000

Eric:

please send me an email directly and we can communicate better that way. In short, any survey is a blunt instrument and we don’t ponly rely on it to make an assessment of the market.

We are looking at both on-server and appliance-based WAFs. If a question doesn’t apply just comment “N/A” or add a comment. I think I have a good grasp already on the products so I won’t look twice if I see “N/A” for questiosn from either appliance (“do you run on apache?”) or on-server (“how many physical interface and of what type”) vendors.

By: Enterprise UTM: When Bigfoot Videographers Attack!

Enterprise UTM: When Bigfoot Videographers Attack! — Mon, 05 Oct 2009 21:19:58 +0000

[...] colleague Greg Young recently heard from some Bigfoot videographers after his post “Unicorns, Pixies, and Enterprise UTM”, wherein he correctly stated [...]

By: Jack Daniel

Jack Daniel — Sun, 04 Oct 2009 01:18:20 +0000

Unfortunately, the reality of the market contradicts your statements. As much as I appreciate snark and hyperbole in blog posts, the fact is that there are “enterprise” UTM deployments (even using your somewhat convoluted definition of enterprise) undermines your position and credibility.

Are UTMs sweeping the enterprise? No. Are some enterprises using them? Absolutely. Some of your points are clearly out of touch. In this economy I am seeing a collapsing of hierarchies and divisions in IT and security teams- and as fewer people perform more, and more disparate tasks, the “unified” aspect of UTMs is a significant asset.

Further, your point about “best of breed” is off the mark on two critical points: First, many UTMs do provide “best of breed” quality features. Second, many “best of breed” solutions are not deployed and maintained in optimal configurations, often due to tedious or convoluted configuration and management routines. The significant growth of the field of “firewall management” solutions clearly shows the failures of “industry leaders” to provide manageable solutions.

Finally, I have to ask if Gartner’s results have not become somewhat self-selecting. Conservative companies turning to a conservative analyst firm, which then focuses said conservative clients…doesn’t seem like a recipe for either innovation, or spotting it.

(Yes, I work for a UTM vendor. No, I do not speak for them).

By: Stiennon

Stiennon — Sat, 03 Oct 2009 23:15:06 +0000

Gartner analyst throws chum in water. Ex-Gartner analyst strikes at the bait!
http://www.threatchaos.com

By: Eric @ Art of Defence

Eric @ Art of Defence — Fri, 02 Oct 2009 16:16:18 +0000

Good post and feedback. What about WAF’s here? I noticed you’re doing a Quadrant on them soon and the criteria seem to put them in the traditional DMZ layer. Since most are appliances, do you consider them part of a UTM or other network layer solution?

I ask only because it’s relevant to your post and since we were invited to partake in the Quadrant this time the ‘grading process’ seems off. What about SaaS WAF’s and software-based WAFs that live with the webapps themselves and are not hardware? I have a sneaking suspicion that our SaaS WAF is what got us invited to the party, however, the the framework for the Quadrant doesn’t leave room for such solutions. Have I misinterpreted?

There also seems to be a lack of webappsec related questions to the Quadrant. What about high-level proactive security features such as secure session management, URL encryption and a web authentication framework?

Would like to hear your thoughts! Here’s our view on the SaaS side:
http://www.artofdefence.com/dokumente/Cloud_AppSec_Whitepaper.pdf