The child actor who died from drinking Pop Rocks candy and Coke and the Nigerian minister who just needs a little help with some money transfer.. I need to call someone at Snopes.com and pull in some favors to get “Enterprise UTM” added to the myths list.
The Loch Ness Enterprise UTM message has again been sighted in the security market. At Gartner, we haven’t seen enterprises shifting to using UTMs or SMB multifunction firewalls, nor do we forecast that this will happen any time soon.
Here are some of the tricks used in security marketing to make these claims:
Trick #1: Redefining what an enterprise is. Enterprises are in fact about 1000 employees. Between 500 and 1000 employees we consistently see IT buying behavior, including security, differ from the SMB. For firewalls, companies shift from buying what we call SMB multifunction firewalls (what is also called UTM) and start moving consistently to point products at about that 750-ish employee mark and don’t go back. Redefining by vendors of what an enterprise is in order to fit the product just games the equation. The trend is the key: calling an enterprise 200 or 2 employees doesn’t change the selection trend.
Trick #2: Calling a non-enterprise an enterprise. Sure a branch office may use a converged device, but that isn’t the enterprise. As a sidebar, branch offices generally aren’t doing mail security in the firewall (the mail servers aren’t usually out in the branches). Also, carriers, ISPs, and hosting companies aren’t enterprises: they are carriers, ISPs, and hosting companies and serve up security in a very different manner than both enterprises and SMBs.
Trick #3: Holding up the recession as a reason to see unicorns. During the last year some vendors have claimed that enterprises can now use SMB products or UTMs because of the recession. In fact, the recession may have been a reason to seek a less expensive enterprise product. If your construction company has come upon tough times, the solution is not to start hauling gravel in minivans. Maybe a vendor who is selling the enterprise UTM message can find a reference customer to hold up as proof, however this is them having sold into their niche and have found the exception rather than the rule.
Trick #4: Calling a few point products together a UTM. Getting fuzzy with the definition of what is this mysterious UTM is the biggest trick. This is why Gartner doesn’t use the term “UTM”: we expressly separate products into “SMB Multifunction Firewalls” and “Enterprise Firewalls”. UTMs and SMB multifunction firewalls are generally understood to be all the network security products in one appliance. Enterprise firewalls are generally firewall, VPN, and maybe IPS: that isn’t the same as the SMB product or what has generally been called UTM. In our Gartner research, we provide some considerable detail to this topic, however a firewall and IPS together is not a UTM. The unicorn-solvent is email anti-virus: if they mean to propose doing email anti-virus on the firewall then good luck with meeting your firewall latency SLAs (see below), otherwise they are being realistic but tricksy by just calling what is a firewall or next generation firewall a UTM.
There isn’t one big convergence happening in network security products. In our Gartner research, we provide some considerable detail to this topic, but enterprises won’t be deploying UTMs as their firewall anytime soon because:
- Buying and operations centers. In enterprises, mail security and network security are different security operations groups, and the safeguard is usually required in different places: i.e. firewall at edge and anti-spam in the data center.
- Latency sensitivity and inspection differences. You can wait a little while for mail anti-virus and not for network packets. It also turns out that the types of inspection for handling packets quickly and doing deep inspection and expression matching are very different. At the lower bandwidth and connection rates of the SMB this inefficiency isn’t a big problem, but at true enterprise throughput and iMix the inefficiency quickly becomes a service-killer.
- Best of breed requirements. Enterprises continue to favor getting good protection, and a single vendor offering 10 safeguards in a single appliance is likely not be to great at all of them. If you look at the Magic Quadrants (MQ) for messaging security, firewalls and IPS you will very little overlap across quadrants in the MQs.
Read Complimentary Relevant Research
Predicts 2017: Artificial Intelligence
Artificial intelligence is changing the way in which organizations innovate and communicate their processes, products and services. Practical...
View Relevant Webinars
The IoT In Manufacturing Operations: Where Are We Now?
The Internet of Things (IoT) is a paradigm shift for manufacturing operations. Its fanfare creates uncertainty in state-of-the-art technology...
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.