My next project for Information Security magazine is to test a bunch of Unified Threat Management appliances (UTMs) out at the Stanford University network lab this spring. UTMs combine a variety of security services such as anti-virus, firewalls, intrusion detection, and VPNs. I am still working up a test plan and criteria, as well as selecting the five products that will be part of the test. While I am doing my research, I came across an excellent document by Joel Snyder about things to consider in evaluating these products for large-scale enterprise needs. Joel is an insightful and no-nonsense kinda guy that has been around the networking block a few times. Here is an excerpt from his paper:

To support UTM in large networks, though, products must meet a very different set of requirements that set them apart from SMB-focused UTM firewalls.  By going further in the areas of performance, network integration, support for  consolidation, platform extensibility and flexibility, and management, UTM vendors can meet the needs of enterprise network managers. 

You can download a copy of his paper here.