Unified Threat Management (UTM) is an approach to information security in which a single hardware or software installation provides multiple security functions. In other words, multiple security features or services are combined into a single device within your network. A UTM system does not just protect personal computers (PCs) and servers: it protects an entire network and its individual users by scanning all network traffic, filtering potentially dangerous content, and blocking intrusions. Some of the prominent UTM brands are Cisco, Fortinet, Sophos, Netgear, Huawei, Wi-Jungle, SonicWall, and Check Point.
UTM devices are hardware or software that tie together network security features into one simple-to-use, easy-to-manage appliance. In addition to having a firewall, VPN, and IPS, every UTM appliance supports network- or cloud-based centralized management. UTM devices usually include functions such as antivirus, anti-spyware, anti-spam, network firewalling, intrusion detection and prevention, content filtering, and leak prevention.
The centralized nature of a UTM allows you to monitor several threats simultaneously as they impact multiple components of your network. In a network without this centralized structure, a multi-module attack can be very difficult to prevent while it is occurring. With a UTM network, you can use a set of flexible solutions to handle the complicated assortment of networking setups available in modern business infrastructure. You can cherry-pick what you need from a selection of security management tools, choosing what is best for your specific network.
Although a UTM offers ease of management from a single device, it also introduces a single point of failure within the IT infrastructure. Additionally, the UTM approach may go against defense in depth, one of the basic information assurance/security approaches, because a UTM would replace multiple security products.