Unified Threat Management (UTM) firewalls are firewalls with very good security services built in. These services vary a little between products, but usually include real-time antivirus, antimalware, SSL decryption, and other intelligent services that make them much safer than a traditional (old-school) firewall. The web is a dangerous place, and you really do need more than just a basic firewall and computer-based antivirus. Between all of the “drive-by” infections and the IoT botnets, something more intelligent and proactive is needed.
Any decent UTM will scan for viruses, malware, botnet communication, etc., as the traffic passes through it. You don’t have to wait for, or depend only upon, your computer’s antivirus to catch it. Antivirus software is largely reactive and definitely should be your last line of defense.
Since UTMs are more and more common and usually pretty good at what they do, the bad guys have started protecting their communications with encryption. If the information is encrypted, then you need a key to decrypt it. A good UTM can get around this by decrypting it with the public key, scanning it for viruses, etc., then re-encrypting it and sending it on to you. This means that the bad guys can’t hide their traffic.
With UTMs you can flat out block websites that tend to be dangerous. If you so choose, you can also limit those productivity-killing websites like Facebook, YouTube, Netflix, etc.
Is there any reason at all for Russia, China, and Ukraine (or a whole host of other countries) to be communicating through your UTM? Most likely not! Block all those bad actors from even communicating with you. This is not a panacea, but it will block obviously unneeded and bad traffic.
Some UTMs have a feature called Sandboxing, or Capture. This means that as files are downloaded, they are checked against a list of known files. If those files are known to be good, they pass through with no problem. If they are known to be bad, they are blocked, or you are alerted. If they are unknown, they are sent to multiple environments and executed in order to see what they do. If they do something bad, they are blocked or you are alerted. This is a great feature and helps with threats that are unknown and/or new. Not a lot of UTMs have this capability, but it is very useful.
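The triage described above, as an added example that is not taken from any UTM product: files are matched by SHA-256 against known-good and known-bad lists, and unknown files are run through every environment. The class and function names, the marker strings, the cached verdict and the fail-closed handling are assumptions made for illustration.

```python
import hashlib

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

class DownloadTriage:
    """Known-good / known-bad / unknown handling for downloaded files."""
    def __init__(self, known_good, known_bad, environments):
        self.known_good, self.known_bad = set(known_good), set(known_bad)
        self.environments = environments  # name -> callable(bytes) -> behaviours
        self.detonations = 0

    def check(self, data: bytes):
        digest = sha256(data)
        if digest in self.known_good:
            return "allow", "known good"
        if digest in self.known_bad:
            return "block", "known bad"
        self.detonations += 1  # unknown file: run it in every environment
        findings = {}
        for name, detonate in self.environments.items():
            try:
                observed = detonate(data)
            except Exception as exc:  # assumption: fail closed if analysis breaks
                observed = [f"analysis failed: {exc}"]
            if observed:
                findings[name] = observed
        # Assumption: remember the verdict so the same file is not run twice.
        (self.known_bad if findings else self.known_good).add(digest)
        return ("block", findings) if findings else ("allow", "sandbox clean")

# Constructed stand-ins for sandbox VMs; a real sandbox executes the file and
# watches its behaviour instead of looking for marker strings.
def fake_windows_vm(data):
    return ["adds itself to startup"] if b"SIM-WIN-PERSIST" in data else []

def fake_linux_vm(data):
    return ["contacts botnet controller"] if b"SIM-C2-BEACON" in data else []

# Constructed sample files (harmless byte strings).
INSTALLER = b"constructed: trusted installer"
OLD_VIRUS = b"constructed: virus already on the bad list"
NEW_DROPPER = b"constructed: SIM-WIN-PERSIST"  # misbehaves in one environment only
NEW_REPORT = b"constructed: harmless document"

def demo():
    envs = {"windows": fake_windows_vm, "linux": fake_linux_vm}
    triage = DownloadTriage({sha256(INSTALLER)}, {sha256(OLD_VIRUS)}, envs)
    files = (INSTALLER, OLD_VIRUS, NEW_DROPPER, NEW_REPORT, NEW_DROPPER)
    return [triage.check(f)[0] for f in files], triage.detonations
```

The constructed dropper only misbehaves in one of the two environments, which is why an unknown file is run in several of them before it is allowed through.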
The section title says it all. Linksys, D-Link, Netgear and all the other inexpensive firewalls/routers are chock full of bugs. Sometimes they have backdoors that were originally meant for developers to troubleshoot during development. Sometimes they have easy passwords or well-known default passwords that don’t get changed. These are for home use, definitely not for business, and I would highly suggest even home users get someone who knows what they are doing to install their home firewall and strongly consider going with a UTM.
In summary, the bad guys are always trying to stay one step ahead. There are lots of ways to stay safe, but these days a UTM firewall is one of the best things to include in your layered security to keep you safe!