June 6, 2023 (updated 28 Jul 2023 3:10pm)

What is UTM?

Why are unified threat management (UTM) products gaining ground in the cyber security market?

By Tech Monitor Staff

In cybersecurity, unified threat management (UTM) offers a full defence against different types of cyberattacks. Although it shares the same objectives, UTM differs slightly from firewalls and antivirus software.

Many businesses and small to medium corporations have adopted a UTM system, but what is it exactly?

UTM helps businesses to be more protected from cyberattacks (Photo: metamorworks/Shutterstock)

What is UTM?

A UTM is an information security (infosec) system which includes, in one location, protection against cyber threats such as viruses and other malware, alongside complex network attacks.

What distinguishes it from antivirus software is that it does not act only on individual computers and PCs; it covers entire networks and individual users. It does so by overseeing traffic and blocking potential threats. Many small and medium-sized businesses (SMBs) have adopted UTMs because they offer many features in one single system rather than in many smaller ones.

A UTM device, in particular, protects businesses from the five main cyber threats: malware, phishing, viruses and trojans, hackers and denial of service (DoS). In a normal antivirus structure, many different components are needed to tackle these issues. In a UTM, on the other hand, no separate technology is needed.

How does UTM work?

A UTM has two main ways to scan for security breaches and cyber threats: flow-based inspection and proxy-based inspection. The former, also referred to as stream-based inspection, filters data as it enters a security device such as a firewall. These devices are made to detect viruses or other malicious activity.

The latter, the proxy-based inspection, inspects entire packets of content that pass through a firewall, IPS or VPN server. By doing this, the network security device itself can act as a proxy to filter through the information that enters the device.

What are UTM’s main features?

The most widespread UTMs normally include an array of features. The principal ones are antispam services, URL filtering and application control, firewalls, VPN, content filtering, and intrusion detection and prevention.

Antispam services are also called spam filters and, as the name suggests, they filter email-based attacks while monitoring inbound and outbound messages. Some of them already know what to look for, for instance specific words or addresses, while others look for entire word patterns using Bayesian analysis.
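
The difference between the two kinds of spam filter described above, shown as an added example that is not from the original article: a fixed word and address blocklist beside a minimal naive Bayes classifier. The training messages, blocklist entries and function names are constructed for illustration.

```python
import math
import re
from collections import Counter

# Constructed training messages (not real mail), grouped by label.
TRAINING = {
    "spam": ["win a free prize now claim your reward",
             "urgent verify your account password now",
             "free reward waiting claim now"],
    "ham": ["meeting moved to monday please confirm",
            "please review the attached quarterly report",
            "lunch on monday to review the project"],
}
# Static rules: known words and sender addresses (constructed values).
BLOCKED_WORDS = {"lottery", "jackpot"}
BLOCKED_SENDERS = {"promo@bulk-mailer.example"}

def tokens(text):
    return re.findall(r"[a-z']+", text.lower())

def rule_filter(sender, body):
    """True if the sender or any word in the body is on a fixed blocklist."""
    return sender.lower() in BLOCKED_SENDERS or bool(BLOCKED_WORDS & set(tokens(body)))

def train(training):
    """Count word occurrences per label; priors are message counts per label."""
    counts = {label: Counter(w for m in msgs for w in tokens(m))
              for label, msgs in training.items()}
    vocab = set().union(*counts.values())
    priors = {label: len(msgs) for label, msgs in training.items()}
    return counts, vocab, priors

def spam_probability(body, model):
    """P(spam | words) from naive Bayes with Laplace smoothing, in log space."""
    counts, vocab, priors = model
    log_score = {}
    for label, words in counts.items():
        n = sum(words.values())
        score = math.log(priors[label] / sum(priors.values()))
        for w in tokens(body):
            if w in vocab:  # words never seen in training carry no evidence
                score += math.log((words[w] + 1) / (n + len(vocab)))
        log_score[label] = score
    top = max(log_score.values())
    weights = {k: math.exp(v - top) for k, v in log_score.items()}
    return weights["spam"] / sum(weights.values())

MODEL = train(TRAINING)
```

`spam_probability("claim your free reward now", MODEL)` comes out above 0.99 even though `rule_filter` passes the same message, because no single word or sender in it is on the blocklist.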

Similarly, firewalls also control inbound and outbound traffic. However, rather than emails, they focus on network traffic. A firewall can be either hardware-based or software-based, and its main purpose is to block and prevent malicious content from accessing information about computer files or web servers. The three main kinds of firewalls are circuit-level gateway, application-level gateway and packet filtering.

Content filtering mostly acts on web pages, controlling the information that goes through a network with the help of filters such as Internet Protocol (IP) addresses or media access control (MAC) addresses. The threat it mostly looks out for is data loss following an information breach.
