NGFW or UTM: How to Choose

Network security is no longer a nice-to-have for any business; it is a must-have for all businesses, from the smallest SMB to the most complex enterprise. When researching network security solutions, organizations are met with a variety of options, from point solutions that address each individual threat to solutions that combine two or more services into one appliance. Topping the list of network security solutions, you will generally find Next-Generation Firewall (NGFW) and Unified Threat Management (UTM) offerings. A few clicks more and you will likely find yourself wondering: what’s the difference?

The Blending of Two Concepts

Historically, Next-Generation Firewall (NGFW) appliances were designed to deliver a very specific set of security services – firewalling, IPS, and URL filtering. Anything that consolidated more than those services was commonly referred to as a Unified Threat Management (UTM) appliance. Today, however, we see significant blending of these two markets and products. The performance gap has disappeared and solutions marketed as NGFW appliances are being released with the same security services once unique to offerings marketed as UTM appliances.

So, if NGFW and UTM appliances are the same when it comes to security and performance, what is the difference?


The Real Choice: Customization vs. Simplicity

UTM appliances provide out-of-the-box policies, management, and reporting tools designed for ease of deployment and ongoing management, while NGFW appliances cater to organizations that wish to customize their security policies and prefer manual reporting and management techniques.

[Figure: Customization vs. Simplicity Scale]

Neither approach is wrong; however, many organizations do not have the time, resources, or security expertise required to manually build security policy and manage a variety of disparate appliances. UTM solutions give those organizations the same enterprise-grade security without the extra layer of management. This is particularly useful for small, midsize, or widely distributed organizations that typically don’t have dedicated security or IT teams.

Performance: A Number is Worth a Thousand Words

It has long been debated whether one appliance that centralizes a variety of network security tasks could ever compete with the performance of dedicated point solutions. Not only is the answer yes, but some UTM appliances, with all security engines running, outperform many dedicated NGFW point solutions.

(Don’t Get) Lost in Packaging

The security threats that face organizations, small and large, are ever-changing and the solutions for combating these threats should be as well. As such, there is not a static definition of what services should be considered standard within a UTM appliance. Never make any assumptions – always be sure to ask exactly what is included in the offering you are evaluating.

Fueling the confusion for end users, vendors all take a slightly different approach when it comes to pricing and packaging. Be on the lookout for à la carte pricing for each service and for locked functionality within management platforms that quickly raise deployment costs.

