Secure your network

Enterprise-grade security technologies such as unified threat management appliances are trickling down to the small-business level

Content and keyword filtering

With content and keyword filtering, you can block access to specific IP addresses, domains, and URLs by invoking the vendor's database of inappropriate Web sites and keywords in various categories, as well as by adding or subtracting your own. Content filtering isn't just for porn. You could block Web mail sites, for example, or video-streaming services. You can use filtering on outgoing data as well as incoming data, so you could prevent people within your network from sending explicit e-mail or instant messages. Check to confirm that the UTM appliances you're considering have the content-filtering capabilities you need.

Spam filtering

A few UTM appliances have antispam filters, but most offer it only as an extra-cost option (if at all). Because spam filtering can have a major effect on firewall throughput, many IT experts prefer to use a separate spam filter at the mail server. Your ISP probably can perform this task at little or no extra charge if you use its e-mail services. If you run your own e-mail server behind your firewall, UTM appliance-based spam filtering may be appropriate.

Intrusion detection and prevention

Intrusion detection goes beyond the simple packet header inspection that all firewalls perform, actually examining the packets' contents as well. Together with deep-packet inspection, intrusion detection and prevention systems use ever-evolving rules and behavioral algorithms to block suspected attacks, much as antivirus software does.

Data-leakage prevention

Less commonly available--but important to some small businesses--is data-leakage prevention. "Data leakage" refers to the loss of proprietary information and documents from the network via e-mail, e-mail attachments, instant messaging, Web site uploads, and so on. Law and medical offices especially need to prevent transmittal of client or patient data; they can be sued if such information leaks out.

DLP software uses content filtering or simply blocks e-mail attachments and file transfers. You may be able to simulate DLP by using regular content and port filtering tools, but you'll need to anticipate some of the ways data can leak, and some expertise in security configuration is extremely valuable. A security consultant can be a big help here.

Gateway throughput

One of the first specs you'll see on any UTM appliance datasheet is firewall performance or throughput, expressed in mbps (megabits per second). These numbers can provide a rough guide to performance, but they may not factor in the impact of the UTM tools you use--from intrusion detection to antivirus to content filtering--which can reduce throughput by up to 50 per cent, though some gateways handle the hit better than others due to speedier processors or more efficient software. Antispam filters usually have the heaviest impact on throughput.

Most vendors have try-before-you-buy programs, so take advantage of these arrangements to ensure that the UTM appliance you ultimately select has the features you need and doesn't bog down under your network's loads. When you count the number of users on your network, remember to include peripheral network devices such as NASs, printers, and PDAs, since they may count toward the "recommended" user load.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Becky Waring

PC World
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Tom Pope

Dynabook Portégé X30L-G

Ultimately this laptop has achieved everything I would hope for in a laptop for work, while fitting that into a form factor and weight that is remarkable.

Tom Sellers

MSI P65

This smart laptop was enjoyable to use and great to work on – creating content was super simple.

Lolita Wang

MSI GT76

It really doesn’t get more “gaming laptop” than this.

Jack Jeffries

MSI GS75

As the Maserati or BMW of laptops, it would fit perfectly in the hands of a professional needing firepower under the hood, sophistication and class on the surface, and gaming prowess (sports mode if you will) in between.

Taylor Carr

MSI PS63

The MSI PS63 is an amazing laptop and I would definitely consider buying one in the future.

Christopher Low

Brother RJ-4230B

This small mobile printer is exactly what I need for invoicing and other jobs such as sending fellow tradesman details or step-by-step instructions that I can easily print off from my phone or the Web.

Featured Content

Product Launch Showcase

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?