Key Program Metrics of Unified Threat Management (UTM)

Unified Threat Management (UTM) is an all in one security solution that integrates firewalls, anti-viruses, content filtering, spam filtering, VPN protection, anti-spyware and other security system you need to protect your network. It can perform many security functions simultaneously to provide layered protection to all sizes of organization.

Key Program Metrics:

  • Redundant rules :  These are the rules that are masked, completely or partially, by other rules that are either placed    higher up in the rule base. they add to the inefficiency and must be detected and removed subsequently
  • Of exception in rules :
    These are the exceptional cases where a rule is created temporarily to cater to the particular business need. care should be taken that all such rules are removed as soon as they are expired.
  • Rules with permissive services :
    Permissive services give more access then is needed to the destination by allowing additional services. The most common examples of this are rules with “ANY ” in the service field. These kind of rules should be minimized
  • Rules with risky services :
    Services such as telnet, ftp, snmp, pop etc. are risky because they usually credentials to be passed in plain text. Any service that exposes sensitive data or allows for shell access should be tightly monitored and controlled.
  • Rules with no documentation :
    UTM rules should be documented. Rules should be explained in detail, business case is described. Any rule change shall be according to proper change ticket.
  • Rules with no logging :
    UTM logs are useful for troubleshooting and forensics. It is very imperative that firewall logging hould be enabled and logs are leveraged for proper firewall management


Do let me know if you want us to add or modify any of the listed key use cases.

Check out the Unified Threat Management (UTM) market within Product comparison platform to get more information on these markets

Views: 39

Join the Discussion ...

You need to be a member of CISO Platform to join the discussion!

Join CISO Platform


CISO as an enabler

Started by Maheshkumar Vagadiya Jul 30, 2020. 0 Replies

Share the instances where you were able to convince the Executive management /board that CISO function is enabler rather then a hindrance.Thanks youMaheshContinue

Has Anyone Evaluated Digital Signature (like Docusign)?

Started by CISO Platform. Last reply by Yogesh Nov 19, 2020. 2 Replies

(question posted on behalf of a CISO member)Has anyone evaluated digital signature (like Docusign), any specific risk/ security areas to be looked into while finalising a vendor? Any and all inputs will be very much appreciated.Continue

What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?

Started by CISO Platform. Last reply by ANAND SHRIMALI May 20, 2020. 4 Replies

(question posted on behalf of a CISO member)What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?Related Question: …Continue

[Please Suggest] Corona Virus: Security advisory for work from home

Started by CISO Platform. Last reply by Bhushan Deo Mar 20, 2020. 12 Replies

(question posted on behalf of a CISO member)Due to CORONA virus most of the organizations are allowing their employees to work form home.Has any one issued security advisory for work from home ?Continue

Tags: #COVID19

Follow us

Contact Us


Mobile: +91 99002 62585

InfoSec Media Private Limited,First Floor,# 48,Dr DV Gundappa Road, Basavanagudi,Bangalore,Karnataka - 560004

© 2021   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service

/* */