Data loss prevention comes of age
We sent invitations to McAfee, Sophos, Fidelis, TrendMicro, CodeGreen, Palisade, Symantec, RSA, Websense, NextLabs and CA. Only McAfee and Sophos accepted the challenge.
We found both these products to be a breath of fresh air. McAfee and Sophos seem to have a very practical understanding of the role of DLP in a modern organization. They both have innovative features, excellent user interfaces, and a clear vision for the future of DLP. McAfee's solution seems to be more appropriate for larger organizations spanning many locations, even globally.
Sophos' solution seems better suited for small to midsize businesses that are looking for DLP as an added bonus to an existing antimalware infrastructure, and for whom the cost of and training for a larger solution might be prohibitive.
The Sophos DLP lineup consisted of their Email Security and Data Protection appliance (ES1100) and the Endpoint Security and Data Protection software suite. McAfee sent us its ePolicy Orchestrator, DLP agent, Email Gateway, and Web Gateway software, as well as the Discover, Prevent, Monitor, and Insight network DLP (NDLP) appliances.
We received the four appliances and a VMware server from McAfee, then were joined by two technicians who got everything up and running, and walked us through the initial configuration.
Much of the configuration work had been done prior to McAfee shipping the products. Our part of the DLP setup consisted of wiring up all four of the DLP appliances, including giving the NDLP Monitor device a network tap connection (which we chose to place between our DMZ and its gateway), giving the technicians IP addresses to use for all of the services, and helping them to integrate their product into our Active Directory setup.
We had the opportunity to get a more hands-on impression of the installation of Sophos' software, and were very pleased. The ES1100 appliance came with a very easy to digest quick start guide. This gave us the information we needed to initially connect to the device and initiate the configuration wizard.
This wizard was one of the best we've seen. It was well designed, provided helpful information at each step, and did a number of checks to verify proper configuration (even testing to make sure its network connections weren't cross-wired). The only issue we ran into was that, in our isolated environment, we didn't have a connection to the Internet. The product needs to be able to connect back to Sophos to test its connectivity and download a large (200MB) license file. We were able to get around this using a proxy server.
- 3 Big Data Security Analytics Techniques You Can Apply Now to Catch Advanced Persistent Threats This technical white paper demonstrates how to use Big Data security analytics techniques to detect advanced persistent threat (APT) cyber attacks, and it...
- IT Security by the Numbers: Calculating the Total Cost of Protection Humorist Franklin P. Jones may have said it best: "When you get something for nothing, you just haven't been billed for it yet."...
- SBIC: Transforming Information Security This report combines perspectives on technologies with experience in strategy to help security teams navigate complex decisions regarding technology deployments while maximizing investments.
- HP ArcSight ESM Solution Helps Finansbank to Combat Fraud and Increase Customer Satisfaction In this report, learn how one organization was able to use HP ArcSight ESM to reduce false positives by 90% and the time...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- IBM FlashSystem V840: Leveraging Software-Defined Flash to Drive Your Business With end-to-end, tightly integrated functionality and super-fast flash technology, products like IBM FlashSystem V840 Enterprise Performance Solution empower businesses to leverage the efficiency... All Data Security White Papers | Webcasts
Our new bimonthly Internet of Things newsletter helps you keep pace with the rapidly evolving technologies, trends and developments related to the IoT. Subscribe now and stay up to date!