Testing All-in-one Firewalls

Joel Snyder examines 13 Unified Threat Management (UTM) products for performance, manageability, power consumption and more.

Are there unified threat management (UTM) firewalls with the chops to provide the perimeter security functions that an enterprise needs? After all, enterprises generally employ best-of-breed security products, not the all-in-one devices popular with the small and medium business set. In this test of 13 enterprise UTM products Network World Lab Alliance member Joel Snyder puts these products through their paces in eight categories. Overall, he finds that good enterprise firewalls are plentiful, but adding in UTM features like intrusion prevention and anti-virus scanning will yield very spotty performance. The overall top performers in this test are Juniper, Cisco and Check Point.

These links provide direct access to our underlying reasoning for testing this class of products as well as a detailed methodology on how we tested them. You'll also find here a summary of how each of the 13 products tested faired across the 10 categories assess and get some insight into the things we couldn't actually prove (but still need to be considered) within the confines of this testing project.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Are there unified threat management (UTM) firewalls with the chops to provide the perimeter security functions that an enterprise needs? After all, enterprises generally employ best-of-breed security products, not the all-in-one devices popular with the small and medium business set. In this test of 13 enterprise UTM products Network World Lab Alliance member Joel Snyder puts these products through their paces in eight categories. Overall, he finds that good enterprise firewalls are plentiful, but adding in UTM features like intrusion prevention and anti-virus scanning will yield very spotty performance. The overall top performers in this test are Juniper, Cisco and Check Point.

Intro to UTM Testing

These links provide direct access to our underlying reasoning for testing this class of products as well as a detailed methodology on how we tested them. You'll also find here a summary of how each of the 13 products tested faired across the 10 categories assess and get some insight into the things we couldn't actually prove (but still need to be considered) within the confines of this testing project.

• Why test all-in-one firewalls for the enterprise?
• How to test all-in-one firewalls
• The bottom line of our testing: Netresults and Scorecard
• Podcast: What Joel Snyder thinks, but could not actually prove about testing enterprise UTM

Testing categories

Network World Lab Alliance member Joel Snyder assessed each of the 13 UTM products in ten categories. Here is a category by category breakdown of the results.

• CheckPoint’s UTM Management falters; Cisco, Juniper gain ground
• UTM Performance takes a big hit
• Juniper, Cisco offer top IPS tools with UTM firewalls
• VPN capabilities vary widely across UTM Firewall
• Tracking UTM High Availability
• A closer look at UTM hardware architecture
• UTMs require routing for flexibility’s sake
• Watts up with UTM power consumption
• UTM and IPv6: Do they mix?
• Anti-virus isn’t a good fit for UTM

Product Summaries

These links provide a product-by-product breakdown of the all-in-one firewall wares tested by Lab Alliance member Joel Snyder.

• Astaro ASG 425a
• Check Point UTM-1 2050
• Check Point VPN-1 UTM Gateway
• Cisco ASA 5540
• Crossbeam C25
• Fortinet FortiGate 3600A
• IBM System x3650
• IBM/ISS MX5010
• Juniper ISG-1000 and Juniper SSG-520M
• Nokia IP290
• Secure Computing Sidewinder 2150D
• SonicWALL PRO 5060
• WatchGuard Firebox Peak X8500e