Cisco Embeds DLP In E-mail Security Appliance


Cisco's IronPort launch included enhancements to its C-Series e-mail security products, which now incorporate DLP technologies as the result of a partnership with RSA, the security division of EMC. Cisco IronPort also released its S-Series Web security gateway products with DLP functionality designed to block sensitive data loss via the Web and FTP.

Specifically, Cisco IronPort E-mail Security, embedded with RSA DLP technology, is designed to protect data in transit by detecting and preventing sensitive data from leaving the network via e-mail.

Cisco executives say that the solutions offer high accuracy and low false positives, and are easy for IT administrators to use. But the big draw for channel partners is that RSA's DLP technology can be combined with the networking giant's enormous array of existing security products, which can be bundled in a variety of security suites.

Keith Valory, Cisco director of product management, security technology business unit, said that the DLP technology is baked into the e-mail and Web security gateways, as opposed to being bolted on later. And at an affordable price, the enhanced Web and e-mails gateways allow channel partners to initiate conversations with their customers about DLP that they might not otherwise have had, Valory said.

Sponsored post

"Data loss is a top concern for [smaller businesses]. They want to prevent loss of data, but they can't afford an exorbitantly expensive solution that's overly complex," he said.

Valory also said that customers could purchase Cisco IronPort E-mail Security gateway first, then later incorporate the DLP functionality as an upgrade without having to reconfigure another security device.

Customers can later extend the DLP protection capabilities to data at rest and data in use via integration with the RSA DLP Suite. The RSA DLP data classification technology will be made available through an integrated software subscription.

"DLP is supposed to fit as an overlay on Web security devices. But it's always a difficult sale in the channel. You kind of put the burden on the channel partner," Valory said. "This gives them the opportunity to sell something else. They have the opportunity to go back and say, 'You can just buy this license and upgrade.' "

"It's a foot in the door for our channel partners," he added.

Cisco's launch also includes new DLP functionality integrated into its IronPort S-Series Web filters with technologies that protect data over Webmail, blogs, social networking sites and FTP. The company's Web reputation filters are equipped to detect data moving over the Web, such as over social networking sites and other Web 2.0 technologies, while blocking information-stealing malware from entering a corporate network.

For example, Valory said, when users are sending sensitive information over Facebook and other social networking sites, the embedded DLP technologies are able to block its forward motion based on metadata in the files and user IDs.

"We can detect when a particular user is sending something to a particular site," Valory said. "Being able to get down to that granularity allows customers to be comfortable that they're not losing data."

The product launch is accompanied by a professional DLP risk assessment service, available through Cisco partners globally, intended to help customers understand where their critical data lives and weaknesses in their networks that might result in its loss. The service consists of a review of the customer's DLP, process and requirements, an actual assessment of DLP posture and data analysis and recommendations.