I recently read an article written by a computer technician in the UK where he relayed a story about a virus intruding into his client’s network via phishing e-mail and then managing to infect all their computers in the course of a few hours. He mentioned if they had only had a unified threat management (UTM) system running, they would likely have saved thousands on lost time and money between the cost of the technician and the cost of business grinding to a halt for a couple of days.
I previously covered some free antivirus options for business and nonprofit organizations; this week I want to cover UTMs which I believe are a vital element of securing your network. UTM software and/or hardware resides at the gateway to the internet and controls what gets sent between computers and the internet. This means the device can filter out unwanted things like viruses, phishing e-mail, and malicious websites quite effectively and they also usually include VPN systems for remote employees to connect to the office (although I find with software as a service gaining traction this is becoming less of a necessity for many organizations). While the UTM options from vendors such as Microsoft or Cisco can be quite expensive, there are some very good free UTM systems available. You’ll want a computer with two network connections to install these onto as it will work best if it sits between your router and the network switch.
I’ve used Untangle in production environments and enjoyed the ease of use and great graphical reporting. My only real knock against Untangle was that it tended to be more resource intensive than some of the others; however, it is probably one of the better choices for an organization without full time tech support.
ClearOS is actually much more than a UTM as it is a complete small business server; regardless, it is easy to work with and can do everything needed to secure a gateway. I’ve used it in production environments and it worked pretty well but I preferred Zentyal due to having better familiarity with Debian based distributions.
Zentyal, like ClearOS, is a complete small business server but works well as a network gateway. Zentyal can make doing some pretty exotic gateway stuff easy. Need to failover or team between multiple internet connections? Zentyal makes it easy; likewise, content filtering is generally easy.
Endian is one of the more hardcore options on the list, not really designed for the rookie or small business per sé, but a good free alternative for the medium size business. Endian is worth checking out for their hotspot management if you are in an industry that needs to provide public wifi.
Sophos (formerly Astaro)
I can really only recommend the home edition, which is I’m afraid only free for the home users, there is a free business edition but it is primarily a firewall and not a full fledged UTM (although it can be upgraded via payment to a UTM).
I hope this has helped shed some light on an important part of securing your network and preventing massive loss of time and expense of hiring a technician. GeekOut Technologies has years of experience with unified threat management and can help you select and install the right hardware and software to provide enhanced protection of your network. If it only prevents one outbreak like the one the UK technician observed, then it will already have paid for itself many times over. Contact us today!