Ask the Experts: What is Unified Threat Management?

Welcome to Ask the Experts, brought to you by In this video, Intelisys’ SVP Cloud Transformation Andrew Pryfogle discusses the importance of unified threat management when designing security solutions for your customers with Masergy’s Andy Singleton. Learn more about cloud-based security solutions from the Masergy team here:

Andrew: Okay. Welcome back to the studios again, guys, for another Ask the Experts session. I have joining us in the studios here today in Petaluma, Andy Singleton, who is the Director of Security Solutions Engineering for Masergy, one of our go-to providers for cloud-based security solutions. Andy, welcome, man.
Andy: Thank you, thank you. Good to be here. Thanks.
Andrew: All right. Excellent. Hey, you run the show there when it comes to security solutions and the engineering team over there. We’re excited to have you join us because Masergy has some really, really compelling solutions that we’re applying to security issues all over the country right now with customers. I want to talk to you and get inside your mind real quick on this one topic of unified threat management. You hear this term thrown around, and I wanted to give you a chance to define it for us. What is unified threat management? Why should partners and customers care about it? Talk about it.
Andy: Yeah, so the big issue with threats today is you have, from most customers’ perspectives, a lot of silent solutions. You’ll end up having intelligence from four or five different manufacturers, four or five different appliances or devices around the business. It’s very hard to answer the question to your board or your investors, “What is the biggest threat to my business? What should we be looking at or caring about as a business? What are the top things we should take down first?” We look at it and say, “How do I unify all that intelligence together? How do I look at it from a top-down approach, from what’s important to the business, on down?”
What we do is we help customers take a holistic look at all the inputs, all the outputs for a business; help them place a system that adapts and learns in their environment that provides that unified interface to view the threats that are against a business in particular.
Andrew: Got it, got it. Interesting. This idea of a holistic view at somebody’s security policy – what are a few of the components that people should be thinking about that perhaps they’re not?
Andy: Most customers look at pieces and parts. They’re maybe just looking at log data or they may just be looking NetFlow data. Or they may just be looking at scanners or those sorts of things. Look at the active threats that are going on or events that may pop out of these systems.
What we say is let’s take a different approach. Let’s look at all those things. Plus, let’s look at all the North-South traffic. Everything going from, say, your private network to the public internet. And let’s look at all the East-West. Let’s really take a look at your corporate IP. As a business, what do you want to protect? Let’s take a look at the traffic that comes in and out of that secured area. Whether that be a data center, a headquarters, or whatnot. You really want to look at raw packet and raw packet data.
Andrew: Interesting. Interesting. Does the “people” side of security threats, the idea of somebody being able to take a thumb drive and download data and walk out the back door, or physically stealing hardware, hard drives, that kind of stuff. Does that part also come into taking a holistic view of building a strategy as a customer?
Andy: Absolutely. A lot of user education, a lot of build up of what’s brought into the network and really understand so if somebody did pick up that USB drive out of the parking lot or you have somebody go rogue and put up a new system inside the network or those sorts of things. If you’re really looking at all the traffic patterns, not just logging, but really the traffic patterns of all systems and all assets, you can pick those things up. From an enterprise perspective, getting the IT shops or the infosec shops to say, “Okay. We need to educate our users and get them to understand the dangers of bringing in some outside data sources or bring in a USB drive that my kid got at the school” and whatnot.
Andrew: You just said something that hasn’t been said here in the studio before. Do you know what that is?
Andy: What is that?
Andrew: You called it an “infosec shop.” You’re talking about … that’s how security has developed, isn’t it? This idea of information security teams, within companies, that are tasked with this now. This is becoming a big deal.
Andy: Absolutely. You’ve got these new titles out there. Of course, there’s Chief Information Security Officer. Now you’ve got Chief Compliancy Officer. Now you’ve got all the legal folks involved. Really the things that companies need to be thinking about is not only, “Am I safe?” and, “Am I doing what I need to be doing,” but “Are my partners, and the folks I do business with, doing what they need to be doing?”
We’re seeing that from a lot of suppliers that may supply to a large company that says, “you need to be PCI compliant.” Or “You need to be ISO compliant.” Even though the smaller company or the shops being asked that may not have to be compliant themselves. A lot of the … If they’re a vendor to somebody, they’re being asked to do these things. It is becoming more of an information security shop. Really looking at, “What are my inputs and what are my outputs? Who do I do business with? Who are my partners?” All need to be considered whenever you’re looking at a managed security practice, but info security in particular.
Andrew:  Yeah, yeah. Love it. Hey, that’s some great wisdom there, Andy. I appreciate you jumping in and chatting with us about this. Thank you very much, man.
Andy:  Thank you.
Andrew:  Good deal. Guys, that’s Andy Singleton. He is the Director of Security Solutions Engineering for Masergy. Check out the learning center for Masergy here at the University. It’s chock-full of tons of information about how you can really dig in and find really rich cloud-based network and data security solutions for your customers. Get smart about it. It’ll pay off big for you. Good selling.