Throw Out Your UTM Firewall: 7 Reasons

throw out your firewallIf security had a mantra, it would be “patch, patch, patch.” Maintaining the most up-to-date versions of hardware and software is the best way to ensure their known vulnerabilities are fixed.

While this has always been important, it has become critical in recent years.

The growth and scope of cybercrime has accelerated. Security gaps are constantly found in operating systems, applications, and of course, UTM firewalls.

New demands for a new world

In the past, many people updated their firewall quarterly (at best). Some did not update at all. They believed their firewalls to be secure, period.

Today, major vulnerabilities are regularly discovered in core firewall components (think of Heartbleed and Shellshock). Pressure is also increasing from hackers and regulators. We have a new reality: the firewall must be checked for updates every day.

But most UTM firewalls make this difficult. They force administrators to check and apply updates manually. Some even charge a premium for the privilege. As a busy IT provider, this is not an optimal way to protect your clients. It also increases your risk and wastes resources.

Better for your business and clients

A firewall with daily, automatic updates keeps your clients more secure and saves resources. Switching to one is a smart decision, even if your client's current firewall is paid for.

7 Reasons to Toss Your Client's UTM Firewall

 #1. The client’s security is at risk

A UTM firewall that does not update automatically creates a larger gap in time between the discovery of a major vulnerability and when it can be patched.

This gap is exposure – a period when malware and hackers can exploit the vulnerability and cause harm. A firewall that updates manually creates more exposure than is necessary, making the client less secure. Automatic updates are essential.

#2. You are wasting time

A UTM firewall that lacks automatic updates forces you to check if updates are available. This creates an inefficient workflow, forcing your techs to waste time checking for updates and discerning whether or not they are important.

Then, when a critical patch is available, it must be applied manually. This often requires having to drive to the client’s site, take down the network, and waste several hours.

A firewall that updates automatically eliminates this waste. You can be sure all patches are applied immediately, and you can commit your resources to other areas.

#3. The network is out of compliance

Regulations such as HIPAA and PCI DSS are major causes of concern across industries. Maintaining compliance can be a tricky balancing act, and a firewall that lacks automatic updates may cause that act to tumble.

In many cases, the moment an update is available for a firewall, the network behind the firewall falls out of compliance. The updates must be applied immediately to ensure the network stays within the parameters outlined in the regulations. The best way to ensure this is with automatic updates.

#4. Firewall updates are not clearly explained

A firewall vendor may release dozens of updates in a given year. Some are trivial, such as small changes to the administration interface. Others are critical. They patch vulnerabilities that have opened the network to attacks.

It’s not practical for your organization to monitor all updates and apply them as they become available. Instead, you likely pick and choose the most important ones in which to invest your time and resources.

Unfortunately, most UTM firewall vendors do not make this easy. They do not provide clear information to highlight the updates that matter. Instead, you have to waste resources by watching for updates and determining their importance. If, on the other hand, the firewall updated automatically, you would be relieved of this task.

#5. Manual updates create uncertainty

The only thing certain about most firewalls is that you cannot be sure they are up-to-date without checking. This uncertainty undermines your confidence in the client’s security. When a major vulnerability is announced, has your firewall patched it? You can’t be sure until you check.

Firewalls that update every day automatically give you peace of mind. You can be certain that all known vulnerabilities are patched as quickly as possible. You don’t have to think about it, and you don’t have to waste time worrying or checking.

#6. You have too much risk and liability

To avoid legal trouble, your organization needs to disclose its firewall policy to clients. If you do not patch your clients’ firewalls, then you need to share that information. Tell the client the situation and let them decide whether to install a firewall that updates automatically.

If you do not disclose the information, then you may be accepting the responsibility and risk of securing the network with an unpatched device that may be out of compliance. Why not encourage your clients to install a firewall that’s safer and that saves you time?

#7. The firewall is not standard

Switching a client’s firewall is an opportunity to move more clients to a standard network configuration. Standardization is widely known to help IT organizations like yours save resources and improve quality of service.

This is only possible when your clients are using the same or (similar) UTM platform. By switching out a sub-standard device and standardizing on one that updates automatically, you can multiply the savings for your organization and the security for your client.

Talk to your client today about UTM Firewall

Firewalls that update manually will soon be outdated. The scale and speed of today’s threats are too great to risk leaving the network exposed with an out-of-date device.

The time to switch your client’s firewall is now. Even if the firewall has several months of subscription remaining, the cost of manually maintaining it, and the risk of relying on its potentially outdated security, may be far greater than switching to one that saves you time, cuts your risk, and improves security.

AccessEnforcer, from Calyptix, updates every day automatically. IT providers like you can get pre-paid subscriptions or even get monthly service without commitments or penalties. Calyptix makes it easy for you with simple pricing, a simple platform, and powerful security.




Related resources

 Top Threats: Heartbleed Bug in OpenSSL

Shellshock: New bug doesn’t shock IT service providers

Merchants Struggle with PCI DSS Compliance as Deadline Passes

HIPAA 2015: Expect more attacks, enforcement, and lawsuits

Written by Calyptix

 - February 2, 2015

About Us

Calyptix Security helps small and medium offices secure their networks so they can raise profits, protect investments, and control technology. Our customers do not waste time with security products designed for large enterprises. Instead, we make it easy for SMBs to protect and manage networks of up to 350 users.
call us
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram