Scalability and distribution are other key considerations. Organizations with a lot of branch offices need to make sure that a UTM appliance is capable of supporting remote users. "That's when scalability and performance with hundreds or thousands of users really comes into play," Crotty says.

It's also critical to take a look at the management console of a UTM appliance. "With UTM, this is very important," Crotty says. "Does it have a SIEM [security information and event management to gather and analyze security log data from different systems]? Can you enable applications easily? Can you do universal policy configurations and changes? What about system upgrades? With UTM, these [factors] are just as important as what the box does."

Effective centralized management is especially vital for large enterprises that have a lot more users to support.

UTM systems should not have separate consoles for each function, Stiennon says. "Rather, protection profiles that define URLs, IPS and [antivirus] signatures to apply based on a specific group of users should be integrated with a firewall rule manager," Stiennon says. "Updates should be easy to push from a central management console to multiple devices."

How the UTM system is supported and maintained by the vendor is another key consideration for companies. "Some of these vendors have been aggressive in offering customer service; we've seen a lot of customers jump in just because of that," Crotty says.