According to ESG research, enterprise organizations continue to invest in all types of threat intelligence (note: I am an ESG employee). For example, 60 percent of organizations have had a threat intelligence program in place for more than two years, 69 percent consume six or more open-source or commercial threat intelligence feeds as part of cybersecurity analytics efforts, and 72 percent of enterprises plan on increasing spending on their threat intelligence programs over the next 12 to 18 months.Why is threat intelligence gaining momentum? Security professionals know that because they can\u2019t block every conceivable cyber attack, they need to collect, process and analyze all types of internal and external security data to improve their incident detection and response capabilities. Many also want to use threat intelligence more proactively for threat prevention. In fact, 36 percent of enterprise cybersecurity professionals say their organizations intend to use threat intelligence feeds to automate remediation actions over the next 24 months.Hmm, this seems like a good idea. When threat intelligence points to bad IP address, URL or DNS lookups, why not simply block them from the get-go? Unfortunately, this hasn\u2019t always been easy in the past, as it involved normalizing disparate threat intelligence feeds, building custom dashboards and rule sets, integrating various network security devices, etc.\u00a0These issues are actually a microcosm for the state of threat intelligence today\u2014lots of great data and good ideas, but it seems like it's always much more difficult to operationalize threat intelligence than it should be.Enter threat intelligence gateways. These devices from vendors such as Centripetal Networks, Ixia and Lookingglass Cyber Solutions are designed to alleviate the data management, policy management and technology integration challenges described above. How? With simple fixed-function network security appliances that:Consume threat intelligence.\u00a0Threat intelligence gateways are designed to consume threat intelligence directly, obviating the need to normalize cryptic threat intelligence feeds or integrate various types of threat intelligence and security analytics with network security infrastructure.Provide options for policy management.\u00a0Rather than relying on custom analysis and rule sets, threat intelligence gateways provide policy management dashboards and tools. This give the security team the ability to easily configure rule sets to block known threats based upon risk scores, threat sources, etc. In this way, threat intelligence gateways can help a CISO create company-specific policies for blocking industry-focused attacks, targeted attacks and more pedestrian \u201cnoise\u201d from threat actors.Operationalize threat intelligence. Threat intelligence gateways aren\u2019t quite \u201cset-it-and-forget-it\u201d appliances, but they can be very efficient in helping organizations streamline security operations while mitigating risk\u2014without requiring a lot of one-off integration or customized code.\u00a0Threat intelligence gateways are typically positioned between an edge router and a firewall and can start to deliver value pretty quickly. In this deployment model, threat intelligence gateways can also filter traffic and thus improve firewall throughput.Now, I know what you are thinking: \u201cWhy not just do this with a next-generation firewall and alleviate the need for another box?\u201d Good question, as this functionality is certainly offered by leading firewall vendors such as Cisco, Check Point, Fortinet, Juniper and Palo Alto Networks.In fact, firewalls can filter traffic based on threat intelligence, but this process can consume network resources and processor cycles, impacting firewall performance in some cases. And threat intelligence gateways are fixed-function devices designed for simple policy management for threat intelligence-based remediation rules.\u00a0 Alternatively, NG-firewalls are built for a wide assortment of application, network, threat and user-centric rules. Threat intelligence remediation rules may be difficult to configure and manage or may not offer the granularity of a dedicated appliance.\u00a0 \u00a0Threat intelligence gateways aren\u2019t for everyone, but large organizations with massive global networks have a large target on their backs and need all the help they can get.\u00a0 For these enterprises, threat intelligence gateways may provide strong benefits for relatively little cost.