I recently polled the Gibbs Irregulars for their thoughts on unified threat management appliances.

I should explain that the Gibbs Irregulars are a group of Network World readers I occasionally poll for their thoughts on various topics. If you want to join, send a message with the subject "subscribe" to gi@gibbs.com and I'll add you to the list.

UTM appliances are devices that combine traditionally separate security services, such as a stateful inspection firewall and intrusion-prevention services, with content filtering and antivirus, antispam and antispyware features. They also can enforce policies and generate reports. Products in this market include the Check Point Safe@Office 500, the SonicWall Pro 2040, the WatchGuard Firebox line and the Zyxel ZyWall.

I assumed that UTMs would be mostly used by small organizations, given that larger companies with large infrastructure investments would most likely extend existing services rather than add new ones. Not so. Some big companies love UTMs, while some small companies have no interest in them.

From talking to the Gibbs Irregulars, it seems interest in UTMs is related to general preferences about building and extending networks rather than company size.

Several readers said a good UTM solution provides services that are good enough for all practical purposes. They liked that UTMs made deployment, management and integration simple.

An opposite view was expressed by several respondents: UTMs can't deliver the best of breed in every service and therefore aren't acceptable for companies that want the very best solutions.

These opposing views raised two questions: Given that computer products evolve so quickly, is there such a thing as products that are best of breed, that is, provide greater value and ROI than other, lesser products? The other question is whether best-of-breed products can be combined and still remain best of breed.

We hear the term best of breed often, but what does it mean? In theory, the best of breed is the finest product in its class. In practice, products are usually best of breed until they are eclipsed by another product.

The idea of building superior systems by using best-of-breed products is appealing. Such a strategy should result in, for example, a network that is robust and efficient. But I find little evidence that this is the case. In the real world, putting together complex products is almost always a difficult task, and integration tends to degrade utility.