A Cisco commissioned study questioned 2,000 IT professionals and employees about risky behavior that could result in corporate data leaks. From losing laptops to letting strangers wander around their building, this is what was found.
Check out these new and improved enterprise IT management tools from CA.
The best multi-function printers (MFP), also known as all-in-ones, offer a slew of great features designed to streamline production and reduce costs. Here are a few of the market's best and brightest to come out recently.
Preventing System Abuse
12:00 AM EST Mon. Jan. 29, 2007
From the January 29, 2007 issue of CRN Tech
Page 1 of 3
In an age when a single MP3 or graphic image download can land a company in court, taking control of an enterprise's Web browser can become as important as paying taxes. And that's not even counting the potential for a single user to invite in malicious code that could cripple a network or the time employees can waste on non-work-related Web surfing.
Fortunately, deploying a content-filtering solution can be relatively straightforward thanks to the arrival of appliances that avoid the need for client-based software and rely on content analysis rather than simple blacklists to do their work. The first step in deploying a solution is selecting the right product, and appliances are definitely the way to go.
Solution providers should be careful even when selecting dedicated appliances, though. In the past couple of years, vendors in the security space have added Web-content-filtering software just to add more capabilities to their security appliances without selling effective filtering technologies.
For one thing, content-filtering products that rely on blacklists can never keep up with the number of objectionable sites that pop up every day. Proxy servers also can easily fool list-based tools by hiding IPs. And savvy users can render blacklist tools useless by using Internet proxies to reach any site—a method made even easier by the emergence of RSS and an abundance of news reader applications.
"Blacklists are always behind the curve, and so far behind the curve that a company can get burned very easily," said Jon Johnson, president of U.S. Transport Services, Clovis, Calif., a reseller of ContentWatch's ContentProtect appliance. "This appliance keeps you up as close to the edge as possible. I've never seen a solution get closer."
Tools like ContentProtect use regular expressions and Boolean heuristics to categorize content. These tools use weighting values for words and phrases and can either block an individual page or an entire site. Such tools also block users from viewing pages at the port level, so proxies and caching tools cannot bypass them.
Such content-based appliances are not only smarter and easier to manage than list-based tools, but as off-server devices, they provide the advantage of filtering Web content without degrading system performance or bandwidth.
"You eliminate any potential breaking of applications or databases or slowing down the network," said Jeremy Simmons, president and CEO of Asierus, a South Jordan, Utah-based solution provider and another ContentWatch partner. "As an appliance, it's fast, it's reliable and there's no way to hack around it. It still filters what's coming through."
Another important consideration is the product's flexibility. If an employer wants, for example, to prevent his employees from illegally downloading MP3 music files, but wants them to have access to instructional podcasts in MP3 format, administrators need to be able to grant permission on the fly.
While in some ways not as accurate as a list-based system, content-filtering schemes are effective if values are configured correctly. However, Internet filtering heuristics and value schemes are usually determined by vendors, and algorithms are tightly held secrets so solution providers have little ability to tune them. To reduce false positives, most vendors incorporate user-configurable whitelists.
For the most part, most content-filtering vendors are still providing simple client-based software. In addition to ContentWatch, vendors such as SonicWall, Barracuda Networks and ICE Systems are among those offering dedicated appliances, while Astaro has added content filtering to its security appliance.
For the purpose of this article, the CRN Test Center decided to deploy ContentProtect, the flagship product of ContentWatch, Salt Lake City, which has a reputation for having a very accurate content-analysis engine.
In addition, ContentWatch's appliance arrived with time-management features, reporting capabilities, port filtering and the ability to create blacklists and whitelists.
NEXT: More on ContentWatch's ContentProtect
