While other security vendors focus on perimeter or endpoint security, Websense tackles content security with its new Triton Security Gateway product line.
Security firm Websense has recently rebranded its year-old Triton product to include software-as-a-service features and says the tool now focuses on content security.
Websense says it combines on-premise email and Web security on a Websense V-Series appliance with cloud components to develop Triton Security Gateway Anywhere system which is scalable to meet the needs of businesses of every size.
“It is fully expandable and you can build it up by adding a licence key,” said David Meizlik, director of product marketing for Web and data security at Websense.
He said licencing prices start at $13 per user per year for the entry level which covers email security; $56 per user per year for the Triton Security Gateway which includes email, Web security and gateway security appliance; and $70 per user per year for the Triton Security Gateway with full data loss prevention (DLP) features.
Meizlik said the service takes a different direction from the products and services offered by other vendors. “While other vendors focus on perimeter or endpoint security, we are focusing on the middle – on content security.”
Meizlik said this is an effective way of protection against the trend towards blended attacks that are able to circumvent firewalls, antivirus software and network intrusion prevention tools.
As threats such as Zeus, Stuxnet and Aurora are increasingly propagated through emails and Web content, it becomes crucial to focus security efforts on content, said Meizlik.
“As much as 20 per cent of daily email threats are undetected by antivirus, UTM (unified threat management) firewalls and proxies. With no network perimeter or standard endpoint to secure, the focus has to turn to securing the content itself,” he said.
The Websense tool identifies, classifies, and categorizes incoming and outgoing content to weed out potential threats. It can be set to allow certain content to enter or leave the network. The unified content security feature does the following:
- Stops malware, exploits and spam from entering the network
- Blocks inappropriate content
- Prevents the loss of private content such as regulated data, private data, source code or intellectual property
“It makes sure that users access content that keep them productive, such as legitimate marketing on Facebook, or cloud solutions like Salesforce.com to allowing personal browsing time while limiting bandwidth consumption and exposure to inappropriate content,” said Meizlik.
Social media threats
These features play well into the need of many businesses that are now allowing employees to use social sites such as Facebook in the workplace.
Many organizations are struggling to with the use of Web 2.0 tools in the workplace, according to Brian Burke, program director of the security products and services program at analyst firm IDC. He says social media use in the workplace has created a risk of both data leaks and new channels for malware.
“Advances in Web 2.0 technologies require a new generation of Web security tools that go well beyond traditional URL filtering,” he said.
Burke said key trends in the Web security market include:
- The growing volume of user-generated content which requires Web security tools that have real-time deep content analysis and classification.
- Data loss prevention challenges posed by message boards, blogs, tweets and social networking sites that are becoming pipelines for information leakage and compliance violations.
- Social networking applications that use evasive techniques to communicate and share information. The challenge is to identify these applications and apply appropriate security policies.
- The growing numbers of mobile and remote users that create a complex, distributed workplace.
Layered security still best approach
One Toronto-based security expert cautions businesses against hoping for a silver-bullet solution to it security problems.
“Businesses still need to employ a layered approach to security, concentrating on content is not enough,” according to Claudiu Popa, principal of Informatica Corp., an international IT security consultancy firm based in Toronto.
“There is no UTM tool that will provide a 360 protection. Business owners need to take a hard look at what will actually prove to be a useful tool and products that end up giving a false sense of security,” he said.
Related story - How to bulletproof your IT systems from hacker attacks
In selecting an email and social media filtering tool, Popa said, buyers need to determine its ability to screen and process incoming and outgoing traffic. “The tool need to be able to screen and filter through large amounts of data especially rich media content.”
UTM tools also have trouble peering into encrypted traffic, he said. “This presents a problem when malware is contained in Skype sessions, VoIP (Voice over IP) transmissions or video.”
“The only way you can guard against these threats is to compensate for gateway security shortcomings by deploying endpoint security,” said Popa.
This, he said, would include security measure at the firewall, server and computer level.