If I read the market correctly, the argument over whether a company should buy a specialist security appliance for every need, or invest instead in ‘all-in-one' devices is about to be won. The specialist security box is heading for extinction.

Boxes, devices, all-in-ones? Does any of this bizarre abstract natter matter to the average company?

Specialist devices - the so-called ‘best of breed' argument - depends on buying the best security box to suit whatever it is a company is trying to defend against. That means separate VPN or remote access, firewall, anti-malware, intrusion detection, and application-layer scanning devices, at each point in the network.

It emerged from the basic firewall and remote access model of the 1990s, and has served people well for the most part even if it has made the world more complicated as functions have multiplied

The ‘all-in-ones', by contrast, are represented by something called, to use the analyst jargon, a ‘unified threat management' or ‘UTM' security box. Traditionally aimed at small companies, they haven't made much impression beyond defending branch offices and smaller companies, mainly because the integration and performance has been seen as immature.

And yet, according to UTM champions such as the Watchguard (newly-energised after going private a while back), larger companies have been asking for the UTMs, deeply intrigued by the radical notion that security functions could be combined in - yes! - a single box. The problem has been that single boxes need resilience, meaty performance to perform under load, and decent management, all easier said than done.

Undeterred, some bright spark had the idea that if all this could be stuffed in one box, why stop there? Add other network-layer features such as multi-WAN load balancing, VLANs, mirroring and resilience, in fact just about anything you can think of, and the UTM idea would have morphed into something that could render single-purpose boxes obsolete by sheer weight of conceptual value.You want ten devices doing one thing or more each, or one box doing ten? No contest.

Helpfully, IDC's creative analysts invented a new term, called ‘XTM' (for eXtensible management) to explain this to everyone, and we are now being told that this is the next stage in the evolution of security hardware.

Big companies won't buy UTM, but they will almost certainly buy XTM-like UTMs one day. All we need now are more products with these features - Watchguard and Check Point already have somewhat XTM-like boxes in fact. UTMs are moving up in the world.

There is still a long way to go for this to grip the imagination of coporate buyers, but when it arrives XTM will probably come in a service wrapping. Corporates will never buy XTMs, or whatever they are called by this point, because they won't have to. Service providers will do that and charge for security as a service.

The data centre will inherit the earth, and the all-in-one security machine will seem like an idea so logical that nobody will believe that the world was once ruled by lots of smaller devices. It won't happen quickly - a lot of vested interests want the expensive single applicance model to continue for as long as possible - but it will happen.