'All-in-one' firewalls fall short

By Joel Snyder
Network World, November 12, 2007

Original Article on Network World Web Site

Tests show strong firewalls abound, but adding IPS, antivirus slows devices

Are there unified threat-management firewalls with the chops to provide the perimeter-security functions that an enterprise needs? In this Clear Choice Test, we set out to determine whether we could find a UTM firewall that could scale up successfully in performance, feature set and manageability.

We tested 13 UTM products from 12 hardware vendors and nine software vendors, all aimed squarely at the enterprise. We evaluated these products on performance. Could they deliver firewalling at gigabit speeds in an environment that included virtual LANs, dynamic routing, high availability and centralized management? And could they perform with intrusion-prevention systems (IPS) and antivirus turned on?

No single product came out on top, but Juniper Networks, Check Point Software and Cisco were head and shoulders above the rest.

While products from these three companies can be beaten in individual categories (IBM Internet Security Systems [IBM/ISS] soared in the IPS category, and Fortinet beat folks hands down on antivirus tests), they consistently finished among the top performers in all categories.

Because Check Point was represented four times (with its software riding on its own UTM-1 2050 box, as well as on hardware from Crossbeam Systems, IBM and Nokia) and Juniper twice (once on its ISG-1000 and once on its SSG-520M), these two vendors claimed the top seven spots on our scorecard.

We give the firewalls within these all-in-one devices an enthusiastic stamp of approval. Their UTM features, however, are another matter. We found that most products have dangerously variable performance characteristics when such UTM features as antivirus and IPS are turned on. We also found that the IPS and antivirus coverage in most products is not particularly strong. We had a few outstanding products in those tests, but not enough consistent winners to say that every enterprise should jump onto the UTM bus.