Perimeter defense

Defending the perimeter is increasingly becoming an ambiguous concept. The hard, knife-edge perimeter of the past is dead and gone. Long live the sort-of-fuzzy, kind-of-gray area, not-quite-a-DMZ perimeter of the future. This notion raises the question: “Who cares about the perimeter anyway?” After all, it's all about the data, and we are interested in sharing a lot with the world at large, so why not just protect the data and let the rest go?

Well, that's barking up the right tree, but as my grandpappy was fond of saying, “Ya ain't got the coon treed yet.” To tree the coon, we really do need to be concerned with both the data and the infrastructure since it is the poisoning of the infrastructure that puts our data at greater risk. 

Being able to address problems at the application layer – before they can infect devices and other applications, move about the enterprise collecting sensitive data and phoning home to deliver the booty – is a key aspect of protecting the ever-fading perimeter in the enterprise of the future. That said, it would be good if such a device could work hand-in-glove with a data leakage product so that interdiction of malware phoning home with a payload could become a defense-in-depth proposition. That is where this year's perimeter defense Innovator comes into the picture.

Should the perimeter defense system also be the data leakage prevention tool? That's an open question in our view. We can make a pretty good case that it should, but then we would lose the defense-in-depth. That, of course, is the primary argument against unified threat management (UTM). The answer has been that the depth becomes what is done at the client level. One layer of protection goes to the perimeter and one to the endpoint. For this year, however, we did include an independent data leakage prevention (DLP) product.

When the perimeter is especially fuzzy, having endpoint, DLP and perimeter protection is a very good idea, indeed. And, making all three of these pieces work together will, for certain, tree that pesky, enterprise-compromising coon.

M86 Secure Web Gateway


A couple of months ago, we recommended the M86 product to some friends in the banking industry. We had the opportunity to give the product a thorough shake-down, and the results were impressive. First, malware defines the M86 product. And the malware engine defines its innovation. M86 focuses on distinct capabilities that are holistic, rather than any one single capability. M86 has deployed its anti-malware tools in organizations of every kind, from small enterprises up to the very large. Read the market, respond and move the product fast. Listen closely to customers and anticipate. That is what makes M86 tick. And it shows in its products and support.

M86 has a very long history. The founders created the current company by merging several world-class companies together. Each was an innovator in its field. Together, they looked for a problem to solve in the market. Over a very short time, they developed a vision of applications that will be a problem in the future. Then they attacked the management of those applications.

M86 capabilities are available through the company's appliance, software or software-as-a-service (SaaS) for web and email security. 

M86 works with organizations that have a vested interest in keeping their customers safe, so it provides the technology to ensure that safety. These partners become M86's salesforce, taking its products to their customers, keeping the customer safe and not spreading malware around the web.

M86 products use patented, real-time code analysis and behavior-based malware detection technologies, as well as threat intelligence from M86 Security Labs to protect networks against new and advanced threats, secure confidential information and ensure regulatory compliance. A tall order, but certainly within the realm of M86's capability. The strong merging of premises products and cloud services gives M86 customers access to a lot of power.

AT A GLANCE

Vendor: M86 Security  

Flagship product: M86 Secure Web Gateway

Cost: starts at $4,980/$9.38 per user license for 10,000+ users, including one-year standard support.

Innovation: A comprehensive defense gateway with the ability to work with associated products to protect the internal network from the perimeter.

Greatest strength: Technological know-how, experience and creative problem solving.



Trustwave DLP

We've said it before, but here we go again: Trustwave is without a doubt the finest example of a well thought-out cybersecurity product going. It is intuitive, has well-constructed menus and capabilities, and does exactly the job for which it is intended.

Trustwave was the result of a merger in 2005. The predecessor company was founded in the 1990s by ex-NSA employees and was mostly a consulting practice focusing on PCI compliance. The current company still does consulting and assessment, plus it has a portfolio of more than 20 products, which it either built itself or has acquired. Trustwave has built a comprehensive security portfolio by actively integrating everything in its kit into a holistic security management system.

The Trustwave strategy is to build and acquire leading products from multiple sources and integrate the mix into what the customer needs, whether on premises or as a managed security service. The company actively applies both consulting expertise and research. That provides a platform of knowledge and experience. The team also has a unique ability to combine compliance management with compliance enablement by providing all the necessary services and components to allow one-stop shopping. From the beginning, it has established relationships with large banks and consortia to provide products and services in bulk. Using its partners to leverage sales, Trustwave has over time established a base of more than one million clients by selling to the customers' customers and leveraging those relationships.

Recognizing that customers grapple with complexity and compliance, Trustwave set out to simplify this through a comprehensive suite of security products and services. When we asked the visionary what makes the company tick, he answered: “Trustwave is committed to identifying and protecting sensitive data in every form in every environment. Our vision is for a global community in which transactions are safe, and information flows freely and securely.” 

That global vision has gone a long way toward putting Trustwave in this year's Innovators designation.

AT A GLANCE

Vendor: Trustwave  

Flagship product: Trustwave DLP

Cost: $10,000

Innovation: Data leakage prevention for the rest of us.

Greatest strength: Intuitive organization, strength and depth of technology to support users no matter who they might be.



