While not necessarily giving the impression, the Unified Threat Management ( UTM ) appliance market is evolving. And that starts with increased scrambling of lines with next-generation firewalls ( NGFW ). In fact, the distinction is more about the size of the target organizations than about the intrinsic capabilities of the devices – their network traffic processing power aside. According to Gartner, UTMs mainly concern entities with 100 to 1,000 employees. And the UTM market should remain separate from the NGFW market, at least until 2020. And there are good reasons for that.
An evolving offer
Thus, the analyst firm emphasizes specificities of UTM that do not necessarily attract large structures: “administration in a web browser, restricted learning for the configuration of security policies, integrated reporting, software and documentation translated into several languages” . Because according to Gartner, in particular, large companies need more granular security controls, but also more complex.
But evolutions are also, if not especially, technical. For example, UTMs typically include firewall, intrusion prevention system ( IPS ), remote access ( VPN ), outbound management (WAN), secure Web access, and than email. But by 2022, Gartner estimates that 25% of SMEs will also use cloud-based application access inventory and security features ( CASB ), compared with less than 2% in 2017.
In the 2017 edition of its magic quadrant on UTM systems – the 2018 edition is not yet available at the time these lines are written – the firm has identified three leaders: Fortinet, Check Point, and Sophos. Cisco and SonicWall are positioned as challengers, and WatchGuard as visionary. It should be noted that Fortinet and Check Point have just received a very good note of effectiveness against threats from NSS Labs , for their new generation firewalls. SonicWall also fared well, at significantly over 90%. WatchGuard stayed slightly below this bar. Sophos has, however, been severely downgraded.
A market dominated by a few leaders
According to Gartner, Fortinet has an offer with a robust “features / price / performance” ratio. Clients surveyed by the firm regularly raise this point. With 177 comments on the dedicated portal of Gartner, the equipment manufacturer comes out with a score of 4.6 / 5. The firm also emphasizes Fortinet’s integrated security vision, not only with its own network security products and endpoints, but also with third parties through its Security Fabric.
Last year, however, Gartner echoed some reservations expressed by customers: lack of intuitive administration console, reduced satisfaction with the ability to process https feeds, or support for ecosystem not necessarily very responsive.
Check Point is also developing an integrated approach to security. And according to Gartner, the charm works mainly because of enterprise-class security, easy administration, and an intuitive graphical interface. On the Gartner comment portal, Check Point posts a rating of 4.4 / 5, for 40 testimonials.
Not free of imperfections
However, the firm observes some flaws, such as the lack of quarantine of email accessible to the user, or the only support of https for the processing of encrypted streams, and the lack of integration with the CASB offers of third parties or support for cloud provider APIs. But since then, Check Point launched CloudGuard in February , attacking the security of SaaS applications.
Sophos, for its part, also seduces by the effort of integration between hosts and network, the simplicity of use and the functional richness, fruit of “the continuous realization of an aggressive roadmap “. The business approach is not forgotten: Gartner points out that Sophos is the only one “to offer three months of free support, as well as a one-year warranty for customers who want to try their UTM before committing to pay a support contract “.
However, the firm lamented last year limited efforts for the SG range, in favor of the range of XG appliances, but also the lack of features of CASB or integration with the ad-hoc offers of third parties.