For SMBs, with limited or no internal IT staff and modest budgets, the best solution to their network security needs is a unified threat management (UTM) security appliance. Why? Because these devices are very affordable, offer excellent protection, and require little or no technical expertise to install or maintain.

A UTM solution provides comprehensive protection to customers as it has tightly integrated security features that work together on a single appliance. UTMs typically include intrusion detection and prevention, gateway antivirus, e-mail spam filtering and Web content filtering, as well as a firewall.

This class of appliance makes it easy for organizations to manage their security because they only have to deal with one box and, generally, one source of support. Such an appliance solution is highly cost-effective as it offers a centralized console that enables monitoring of network security at remote locations.

Of course, not all appliances are created equal so do your homework.

The Vendor Landscape: IT Security Appliances report issued last year by Info-Tech Research Group, identified five vendors -- Cisco, Fortinet, IBM, SonicWALL and WatchGuard -- as having the best UTM appliances for SMBs. We're going to take quick look at each:

Cisco

Key SMB products: ASA 5500 Series - Cisco's security appliances integrate industry-leading firewalls, VPN technology, intrusion prevention, content security, and unified communications security in a single platform.

These applications help stop attacks before they penetrate the network perimeter; control network and application activity by using context-aware security parameters; and protect resources and data, as well as voice, video, and multimedia traffic.

Cisco's boxes also include context-aware firewalling capabilities, which feature in-depth local network context from TrustSec; real-time global threat intelligence from Cisco Security Intelligence Operations; and unique mobile client insight from AnyConnect.

In addition, these solutions offer an advanced intrusion prevention system (IPS) with global correlation, which Cisco claims is twice as effective as a traditional IPS.

Prices for the Cisco products range from around $370 for the 5505 to around $5000 for the 5520.

Fortinet

Key SMB products: 200B, 310B, 620B, and 1240B - Fortinet's appliances provide enterprise-class protection against network, content, and application-level threats. Dynamic updates from the FortiGuard Labs global threat research team ensure that systems are protected against the latest threats.

The products incorporate sophisticated networking features, such as high availability (active/active, active/passive) for maximum network uptime, and virtual domain (VDOM) capabilities to separate various networks requiring different security policies.

Fortinet's appliances integrate all the essential security services needed to protect a business in an affordable package, including antivirus, firewall, VPN, intrusion prevention, Web filtering, antispam, antispyware, and traffic shaping.

These easy-to-deploy and manage systems deliver comprehensive protection in a flexible, turn-key platform that is ideally suited to provide smaller businesses and branch offices with the security they need.

An intuitive Web-based management interface is consistent across all Fortinet appliances for rapid deployment and simple management.

Prices for the Fortinet products range from around $3000 (minimum) for the 200B to around $20,000 (minimum) for the 1240B.

IBM

Key SMB products: Proventia Multi-Function Security

These IBM boxes are powerful and affordable solution designed to preemptively stop Internet threats including viruses, worms, hackers, spam and unwanted Web content before they penetrate your network and disrupt business. The ability to stop threats before impact helps streamline IT operations by avoiding unscheduled patch­ing and costly security breaches.

The IBM appliances combine the company's industry-leading intrusion prevention technology with firewall, signature and behav­ioral anti-virus, VPN, Web filtering and anti-spam features.

The boxes offer the flexibility to "grow as you grow" by enabling companies to add more security capabilities as needed.

Prices for the IBM Proventia products range from around $1500 to around $5000.

SonicWALL

Key SMB products: NSA line and TZ line

With advanced routing, stateful high-availability and high-speed VPN technology, the NSA series provides security, reliability, functionality and productivity for branch offices, central sites and large distributed environments, while minimizing cost and complexity.

The SonicWALL TZ Series of firewalls integrates gateway antivirus, antispyware, intrusion prevention, content filtering, antispam and application control, offering high performance multi-layered network protection and a great value.

Prices for the SonicWALL products range from less than $1000 to around $30,000.

WatchGuard

Key SMB products: XTM 2 Series

The XTM 2 series provides security to small business and remote sites that need strong protection without a hefty price tag. Enterprise-grade security includes full HTTPS content inspection and VoIP support.

Wireless models feature dual-band 802.11n for Wi-Fi with enhanced speed and responsiveness. Centralized management tools allow administrators to work from an intuitive console, scriptable CLI, and web UI.

The appliances include real-time monitoring and reporting at no extra cost. It is ideal as a stand-alone security solution or VPN endpoint on a WatchGuard XTM or Firebox X network.

 

Prices for the WatchGuard products range from $300 to $700.

Herman Mehling has written about IT for more than 25 years. He has worked for many leading computer publications and websites, including Computer Reseller News, eWeek, and InformationWeek. Currently, he contributes regularly to Devx.com and Enterprisestorageforum.comas well as ProjectManagerPlanet.com