SonicWall released a new version of its security platform, SonicOS 5.5 - the operating system that powers its unified threat management (UTM), Email Security 7.2 and Global Management System. Ordinarily, the release of a new specialty operating system by a security or network vendor isn't cause for writing headlines, but the SonicWall launch comes amid a simmering debate about the utility of UTM devices in enterprise deployments, and SonicOS 5.5 is reason to give naysayers pause.

SonicOS 5.5 features new Active/Active UTM, which enables higher levels of security and reliability by synchronizing inspection of network traffic between two or more UTM devices. Additionally, SonicOS 5.5 includes new automated management tools that enable UTMs to identify traffic flows and capacity needs and tap into secondary memory to ensure adequate throughput even through peak loads. These are significant enhancements, considering that UTMs often vary in size and capacity that reflect their location in the network infrastructure. The version also includes multi-WAN interfaces, scalable SSO implementations, route-based VPNs and deeper analytical capabilities.

Late last month, Gartner analyst and blogger Greg Young wrote a missive titled “Unicorns, Pixies and Enterprise UTM,” in which he basically dispels the notion of unified threat management devices being an enterprise product. His argument follows along the Gartner position that there are multifunction firewalls (devices that include IPS, antivirus and other features) built for SMBs and enterprise-class firewalls that are intended for environments with 1,000 or more seats. “At Gartner, we haven't seen enterprises shifting to using UTMs or SMB multifunction firewalls, nor do we forecast that this will happen any time soon,” he wrote.

Young doesn't dismiss the notion of UTM (although Gartner doesn't recognize the nomenclature) and even recognizes that some enterprises will deploy UTM devices in branch and remote offices. But he says that a branch or remote office deployment of UTM does not make it enterprise-worthy. He even goes as far to say that managed services providers, carriers and hosting companies that use UTM devices as part of their security service delivery do not qualify as “enterprise.”

The blog post prompted a spirited, if not poetic, response from former Gartner security analyst Richard Stiennon, who called Young's position as “adamantly” defending the status quo. Stiennon's response, “Enterprise UTM” on his ThreatChaos blog, included nine examples of enterprise-level UTM deployments that are leveraging the technology to protect their infrastructure and data flows. “Enterprises are using UTM solutions. Further, legacy firewall vendors, through their failure to protect against web, email, and IM based attacks, are doomed. They must re-invent themselves or go the way of proxy firewalls: oblivion,” he wrote. (Note: Stiennon, now an independent analyst and consultant, was also the chief marketing officer at Fortinet, which specializes in UTM and multifunction devices.)

Stiennon is right, at least partially. It's not to say that high-capacity stateful inspection or proxy firewalls are doomed to the dustbin of technology history, but the increasing threats and the need for better security management is rightfully resulting in the consolidation of functions into single appliances and software sets. Companies such as SonicWall, Fortinet, Juniper Networks, WatchGuard and Check Point have offered firewalls, security appliances and unified threat management devices with varying levels of capacity and capability to meet the needs of small businesses, midmarket companies and enterprises. And despite Young's assertions to the contrary, enterprises deploying scaled versions of UTM devices in smaller offices and network segments do qualify as enterprise deployments because such devices must integrate with the management and reporting structure of the total enterprise.

More significantly, SonicWall's SonicOS 5.5 and recent software development by firms such as Fortinet and Check Point show that processing and inspection power required by the enterprise is becoming a staple of the SMB deployment. UTMs and multifunction security software and devices are not only becoming increasingly more powerful and effective, but a necessity for management efficiency.