Enterprise UTM is not a myth
September 28, 2009 at 8:53 am
In July, Gartner published its Magic Quadrant for SMB Multifunction Firewalls report, which we view positively as it is the firm’s official validation of multifunction security consolidation appliances. Gartner defines multifunction firewalls as all-in-one security appliances, and multifunction firewall is the firm’s term for what has been more widely known as unified threat management, or UTM, coined by IDC in 2004.
Fortinet pioneered and built its business on the vision that unified solutions bring security, cost, and operational benefits to customers of all sizes. While we are pleased to be the best-positioned vendor in Gartner’s report, we disagree with various statements the firm makes — namely that multifunction firewalls (or UTM solutions) only belong in small to medium business environments. We see evidence to the contrary every single day.
It is true that SMBs and larger enterprises use multifunction firewalls differently; SMBs typically deploy more of the integrated security functions than do large enterprises. However, we believe, and the data supports, that numerous enterprises, telecommunication carriers and service providers have adopted UTM solutions for the benefit of being able to turn the functions on one at time as needed without having to deploy additional functions. This is a clear trend among our enterprise customers. But perhaps the strongest evidence for UTM’s rightful place in enterprise environments is quantitative data from IDC.
According to the IDC Worldwide Security Appliance Tracker, more than $500 million was spent on enterprise and high-end UTM appliances in 2008, compared with $280 million in 2006*. So, if UTM is not an enterprise or high-end play, where are all of these units going?
Further supporting IDC’s quantitative data is research from Frost & Sullivan, who reported in its World Unified Threat Management 2008 end-user study that “UTM has started to appear in enterprise and data-center class networks.” We are observing the same trends that IDC and Frost & Sullivan are seeing. Here is some data to support this:
- Fortinet has shipped more than 450,000 UTM appliances.
- More than 75,000 global customers, including the majority of the Global 100, have purchased our UTM appliances.
- Some notable customers include Polycom, CKE Restaurants, Sylvania and many branches of the U.S. Federal Government, including the Marine Corps, Army, Navy, Air Force, civilian agencies and the intelligence community.
Gartner is certainly entitled to its opinion, but there are hard facts to support the notion that UTM appliances are not an SMB only solution. Data from numerous analyst firms, vendors, and end-users themselves give credence to the fact that enterprises are adopting UTM solutions at an accelerating pace. For a firm like Gartner to continue to ignore or refute this market shift is difficult to fully understand and seems a disservice to those who rely on their research and analysis.
* Data based on price bands above $6K
All Posts
Twitter
FaceBook
LinkedIn
YouTube
I saw from the Matrix that Most of the FortiGate new Series has a tremendous Throughput compared to the other. For example I have 310B and it has 8 GB FW Troughput as stated on the brochure. How do we prove that it really 8GB FW Troughput? Or it really has 800 IPS Throughput?
If there is a way to prove the throughput, can we do that way to the other brands also?
The only true way to validate performance is to evaluate it and drive traffic through the box. The performance we publish is provided based exactly on that, our QA department set’s up the product with security policies, then uses a combination of industry available test tools to stress performance. We encourage that are seriously interested in our products to perform similar tests. If the customers don’t have the resources or equipment, we can often produce the test in our labs and invite the customer to visit the lab and witness the results first hand.
In regards to the performance difference between new generation and previous generation products, this is the result of our continued investment in innovating ASIC technologies to drive industry leading security performance. The 310B, 620B and most recently the 1240B ill incorporate a new ASIC we engineered internally and included in these products (as well as others), to drive Firewall / VPN performance with a goal to eliminate these features from being a bottleneck for application access.
I reviewed the Gartner Magic Quadrant UTM for SMB(2009) and Gartner Magic Quadrant Firewalls for Enterprise (dec 2008), and the players are near the same(Juniper, Cisco, Fortinet), but in Enterprise market the premises are differents.
I would like a real comparison between Fortinet and Juniper Networks, thats mean app by app: firewall, Antivirus, AntiSpam, IPS, WebContent in bundled case, and in separate app: NAC, WAcceleration.
Fortinet its truly impresive, the customers simply love it. But whats about advanced features as Junos-SRX equipment?
I apologize for my delay in responding to your comment, as I was traveling. To simplify things, we went ahead and put together a comparison chart that shows the Fortinet features versus both the Juniper SSG and SRX features. It is linked below. Happy to answer any additional questions you have about this or provide more detail.
http://blog.fortinet.com/wp-content/uploads/2009/10/FortinetVsJuniper.JPG
Nice comparison chart, but i believe the answers to your blog “Enterprise UTM is not a Myth” its :
http://blogs.gartner.com/greg_young/2009/09/29/unicorns-pixies-and-enterprise-utm/
“Best of breed requirements. Enterprises continue to favor getting good protection, and a single vendor offering 10 safeguards in a single appliance is likely not be to great at all of them. If you look at the Magic Quadrants (MQ) for messaging security, firewalls and IPS you will very little overlap across quadrants in the MQs”.
Yes, JN its IPS MQ leader, JN its FW MQ Leader, JN its SSL VPN MQ leader, JN its the leader overlap across quadrants in the MQS, Why dont trust them for SRX?
You reference the controversial blog that had drawn fire from many impartial industry analysts and experts who feel that the commentary was not inline with trends that are happening in today’s enterprise security environment:
Some non-Fortinet commentary that mirrors this:
“Enterprise UTM”
http://threatchaos.com/2009/10/enterprise-utm/