Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat...
-
Upload
vuongquynh -
Category
Documents
-
view
221 -
download
1
Transcript of Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat...
![Page 2: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/2.jpg)
2
Agenda: Unified Threat Management
What is it? UTM Features and where you should use
them Performance and UTM Cost and UTM
![Page 3: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/3.jpg)
3
What is UTM?Why would you want to use UTM?
![Page 4: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/4.jpg)
4
UTM is a buzzword for…
“threatmitigation westuck in thefirewall”
“whatever newthing that wedidn’t used to dothat we do now”• For a price, usually
Physical
Data Link
Network
Transport
Session
Presentation
App
![Page 5: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/5.jpg)
5
UTM can cover many bases
BadContent
ControlUsage
BadActivity
EnforcePolicy
Anti-Spam
Anti-Virus
Anti-Spyware
Anti-Phishing
IntrusionPrevention
DoS/DDoSMitigation
ContentFiltering
ApplicationBlocking
BandwidthManagement
RegulatoryLogging/Blocking
![Page 6: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/6.jpg)
6
UTM has taken over the firewallindustry
Current Vendors Include: Check Point Cisco Systems FortiNet IBM/ISS Juniper/NetScreen Secure Computing SonicWALL Symantec Untangle WatchGuard ZyXel
Features Include: Firewall VPN Anti-Virus Anti-Spam Anti-Spyware Anti-Phishing Bandwidth
Management IPS/IDS Content Filtering Web Proxy
![Page 7: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/7.jpg)
7
UTM is an alternative to the commonapproach to perimeter securityRack’em and Stack’em UTM
![Page 8: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/8.jpg)
8
Arguments for UTM vary dependingon your environment
In the SMB space, four arguments push UTM
![Page 9: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/9.jpg)
9
In the Enterprise Network, UTM has avery different justification
Ability to bring security services in and out of theequation quickly supports threat responserequirements best
Flexibility
A single management interface reduces thepossibility of mistakes
Management
High Availability and Scalability are dramaticallysimplified in UTM
Complexity
By intelligently routing traffic to different engines,performance of a single large box can exceedmultiple small boxes
Performance
Long-term costs for UTM will likely be lower thanindividual point solutions
Cost
NotesCriteria
![Page 10: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/10.jpg)
10
Of course, neither strategy excludesthe other
You may want to do amix-and-match solutionbecause• You have different
management responsibilities(e.g., email versus networklayer)
• You have audit requirements(e.g., compliance versussecurity)
• You have randomrequirements that aren’t metby a single product (e.g., boxmust be blue and have aprime number of fans)
![Page 11: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/11.jpg)
11
Which parts of UTM are best?Which ones should I use?What will it cost me?What are key tactics on UTM?
![Page 12: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/12.jpg)
12
Not every function in a UTM firewalloffers the same level of security
Anti-SpamAnti-VirusAnti-SpywareAnti-PhishingIntrusion PreventionDoS/DDoS MitigationContent FilteringApplication BlockingLogging and AuditingRegulatory LoggingRegulatoryCompliance
Let’s run through them tomake some generalobservations.
Start with:
The UTM/no-UTMdecision is often abudget and appropriatefit one!
![Page 13: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/13.jpg)
13
Anti-spam/Anti-phishing with UTM isnot a complete package
Anti-SpamAnti-VirusAnti-SpywareAnti-PhishingIntrusion
PreventionDoS/DDoS
MitigationContent FilteringApplication
BlockingLogging and
AuditingRegulatory
LoggingRegulatory
Compliance
Reputation-basedIP filteringPowerfulsignature/heuristic-basedanti-spamEnd UserQuarantinePer-user settingsGreater control,reporting
Blacklist IP-basedfilteringSimple DCC orcontent-basedanti-spam
Edge EmailSecurity DeviceUTM
![Page 14: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/14.jpg)
14
Anti-Virus and Anti-Spyware are themost common UTM features
Anti-SpamAnti-VirusAnti-SpywareAnti-PhishingIntrusion
PreventionDoS/DDoS
MitigationContent FilteringApplication
BlockingLogging and
AuditingRegulatory
LoggingRegulatory
Compliance
Works great atdetecting outbound“phone home” ofmalware/spyware
Works well for knownprotocols (SMTP,IMAP, POP) as long asthe channel isn’tencrypted
Works moderately wellfor web-based traffic aslong as the channel isn’tencrypted & the port ispredictable
![Page 15: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/15.jpg)
15
With IPS, the problem isn’t thetechnology but the interface
Anti-SpamAnti-VirusAnti-SpywareAnti-PhishingIntrusion
PreventionDoS/DDoS
MitigationContent FilteringApplication
BlockingLogging and
AuditingRegulatory
LoggingRegulatory
Compliance
Signatures and signature-based alerts don’t work.
DoS/DDoS mitigation worksbetter out of the box becausemost UTM firewalls aren’t infront of hosting farms. Asimpler interface is optimal.
![Page 16: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/16.jpg)
16
Content Filtering and ApplicationBlocking are “sweet spots” for firewalls
Anti-SpamAnti-VirusAnti-SpywareAnti-PhishingIntrusion
PreventionDoS/DDoS
MitigationContent
FilteringApplication
BlockingLogging and
AuditingRegulatory
LoggingRegulatory
Compliance
As a choke-point, firewallsare perfectly situated toenforce policy…
… although be aware thatnot every application wants
to be enforced.
With content filtering, a 90%solution is generally acceptable.
![Page 17: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/17.jpg)
17
Logging and Compliance require morethan a UTM firewall
Anti-SpamAnti-VirusAnti-SpywareAnti-PhishingIntrusion
PreventionDoS/DDoS
MitigationContent FilteringApplication
BlockingLogging and
AuditingRegulatory
Logging &Compliance
More firewalls;leak protectors
Personal informationintegrity
EU DataProtection
More firewalls;disk
Promoting financialstability
Basel II
More firewallsDisclosure when aprivacy breach occurs
CaliforniaSB1386
More diskSupport of auditprocess
SEC 17A-4
More firewalls;leak protectors
Health informationprivacy and control
HIPAA
More diskFinancial reportingintegrity
SOX
More firewalls;leak protectors
Protection of privatefinancial information
GLBA
How IT Helps?GoalRegime
![Page 18: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/18.jpg)
18
Best Practices for UTM
Imperfect security isbetter than no security
Let your budgetoverride everything
IPS, IDSDon’t use technologiesyou don’t understand orwon’t manage
Anti-spam, anti-phishing
Don’t use UTM where itdoesn’t work well
Anti-virus, anti-spyware
Use UTM to backstopbetter technologies
DDoS mitigation,application control,bandwidthmanagement, contentfiltering
Use firewall + UTMwhere it fits perfectly
![Page 19: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/19.jpg)
19
UTM Performance: Nothing is Free
![Page 20: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/20.jpg)
20
UTM Performance: Nothing is Free
![Page 21: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/21.jpg)
21
Performance hit is no anomaly
Goodput(mbps)
Latency(sec)
![Page 22: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/22.jpg)
22
Goodput is not the most importantmetric for a firewall
Addedmoderatelatency
Addedlatencyand loss
Addedlatency,loss, andbandwidthcap
![Page 23: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/23.jpg)
23
UTM has benefits, and it has costs
UTM Benefits Reduces number of
boxes you have to buy Reduces amount of un-
coordinatedmanagement
Ideally positioned(bottleneck) forInternet-facing security
Allows you toincrementally addsecurity withoutcomplexity
UTM Costs• System performance can
be dramatically affected• “Single Choice” may be
wrong choice for yournetwork
• Some UTM features arein for check-listpurposes, and not forsecurity purposes
• Subscription costs needto be budgeted
![Page 24: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/24.jpg)
24
Four Key Tactics for UTMs
Nothing is Free• Adding security services
to your network at anypoint will cost you time,money, and reliability.If you don’t budget forit, how are you going topay for it?
A Strong Perimeteris a Good Thing• But a deep defense is a
better thing. Don’t letmoney spent on theedge deceive you.
The Devil Is In TheDetails• Understand exactly what
features of perimeterdefense you need. Ifyou don’t need it, don’task for it.
Do What MakesSense• Natural consolidation is
a good thing. Forcingconsolidation is a badstrategy.
![Page 25: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/25.jpg)
25
How do I make a business casefor UTM?Will UTM save me money,really?
![Page 26: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/26.jpg)
26
Perimeter Intrusion Defense issomething you already have The question is: how do we grow perimeter
security? Should we use UTM or not?
Do you addadditional services
to a UTM-ishfirewall?
Are yourperimeterdefenses
adequate?
Do you addstandalonedevices at theedge?
![Page 27: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/27.jpg)
27
How a Normal Business Decision isSupposed to be Made
BusinessRequirementsand Needs
IT or MISProject, Action,
or Service
“Customers need tobe able to see thestatus of orders,including shippingand trackinginformation.”
Project: Web-basedportal into SAP toshow order status;link to UPS via XMLfor shippinginformation
![Page 28: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/28.jpg)
28
The problem with security it that itdoesn’t solve direct requirements
BusinessRequirementsand Needs
IT or MISProject, Action,
or Service
??? Project: Upgrade ourexisting firewall toUTM version to addIntrusion PreventionSystem on Internet-facing links
![Page 29: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/29.jpg)
29
So most security people buildframeworks…
Identify assets anddefine their value
Identify threatsto assets
CalculateSLE = (EF x Value) + Downtime
SLE = Single LossExpectancyEF = Exposure Factor(0-100%)ALE = Annual LossExpectancyARO = Annual Rate ofOccurrence (0-100%)
CalculateALEbefore = ARObefore * SLEbefore
Figure out a solutionthat mitigates risk
Change EF,ALE, and ARO
CalculateALEafter = AROafter * SLEafter
Compare ALEbeforewith ALEafter
![Page 30: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/30.jpg)
30
Even if the numbers are largelybogus, you can ask yourself…
Compare ALEbeforewith ALEafter
Is the amount ofmoney I amproposing to
spend LESS orMORE than thechange in ALE?
∆ = ALEbefore- ALEafter
![Page 31: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/31.jpg)
31
But your typical CxO doesn’t want tosee the framework “The CIO wasn't going to look at the twenty seven eight-by-
ten color glossy pictures with the circles and arrows and aparagraph on the back of each one explaining what each onewas to be used as evidence against us.”
(with apologies to Arlo Guthrie)
So what do I do?If there’s no requirement,
Am I wasting time & money?
![Page 32: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/32.jpg)
32
You can fall back to the SecurityManager’s Best Friend The Fear, Uncertainty, and Doubt Strategy
Find out what newspaper the CxO reads
Get a Subscription and Read It(Hint: you may have to touch paper to do this)
Wait until there is a story about some awfulsecurity thing happening to someone, somewhere
Run into CxO’s office withunsigned purchase requisitionfor random piece of security
SW/HW. Tell him/her this willkeep them out of the
newspaper.
![Page 33: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/33.jpg)
33
When you add these newtechnologies, there are OpEx costs UTM technology is
moving from a CapExmodel to an OpEx model
Adding security servicesadds management costswhether UTM ordedicated
It’s not a questionof one-timeexpenses.
It’s a question ofcontinuing costs!
![Page 34: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/34.jpg)
34
For example, let’s suppose you likethe ZyXel ZyWALL UTM 70 firewallCapital Cost: $1,588.00 1 Year: Anti-Virus and
Intrusion Prevention:$362
1 Year: Anti-Spam: $202 1 Year: Content Filtering:
$299
Capital:$1,588.00
Security Services:$863.00
![Page 35: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/35.jpg)
35
But wait, there’s more…Hardware
maintenance tasks Firewall configuration
management, @ 24hours/year
Periodic SoftwareUpdates, @ 12hours/year
Softwaremaintenance tasks
Anti-virus management, @ 12hours/year
Intrusion Preventionmanagement, @ 48 hours/year
Content Filtering management, @24 hours/year
Anti-spam management, @ 48hours/year
Capital:$1,588.00
Security Services:$863.00
Management Time: 168hours/year, or about $6,500.00
![Page 36: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/36.jpg)
36
How about the SonicWALL PRO 2040?
Capital Cost: $1,995.00 1 Year: Anti-Virus andIntrusion Prevention:$695
1 Year: Content Filtering:$995
Capital:$1,995.00
3 year Service costs:$4,788.00
(special package deal)
![Page 37: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/37.jpg)
37
How about the Netscreen SSG20?
Capital Cost: $1,100.00 1 Year: Anti-Virus, IPS,Content Filtering, andAnti-Spam: $700
Capital:$1,100.00
3 year Service costs:$2,100.00
![Page 38: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/38.jpg)
38
You can always save money usingOpen Source technologies
ZyXel Proposal(1 year costs)
Capital: $1,588 Support: $863 Overhead: 168 hours,
$6500
Total: $8,951
Open Source Proposal(1 year)
Capital: $000 Support: $000 Overhead: 336 hours,
$13,000
Total: $13,000
OK, I just put this in here as flame bait.But the point is real: overhead costs for thistechnology dominate acquisition costs
![Page 39: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/39.jpg)
39
All this tells us some very unpleasantthings It’s hard to justify
spending money onsecurity, because theROSI (Return onSecurity Investment) orROI (Return onInvestment)
The cost for thehardware is veryreasonable, but…
The cost for the ‘service’can add 50% to 100% tothe total each year,and…
Your overhead andmanagement costs are acontinuing burden
![Page 40: Unified Threat Management - opus1.comopus1.com/www/presentations/smartdefense-utm.pdfUnified Threat Management Joel M Snyder Senior Partner Opus One jms@opus1.com. 2 Agenda: Unified](https://reader030.fdocuments.in/reader030/viewer/2022021512/5aeb67517f8b9a45568d09d2/html5/thumbnails/40.jpg)
40
Tips and Hints:The Business Case for UTM Security DO make the calculation of
costs and expected benefitsfor any intrusion defense.• Learning IPS might be a lot
of fun, but if it doesn’t bringenough value, maybe it’snot right.
DO NOT fail to budget forsupport and subscriptions.UTM firewalls withoutupdates are doorstops.
DO prioritize based on yourrequirements and risks.DO NOT pick servicesbecause they came with theUTM firewall you alreadybought.
DO NOT depend on FUD tosell security. But DO takeadvantage of it whenopportunity presents itself.