Web Security Suite Lockdown Edition
January 01, 2006
$50 per seat for $1,000 seats
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Locks a PC down, including preventing unauthorized file installation.
- Weaknesses: Tricky installation.
- Verdict: A wide ranging suite of tools provides excellent web security for the enterprise, but it is a little complex to integrate with other IT protection.
Part of a suite of Websense tools designed to protect your network, this is one of the more difficult products to install. A range of components need to be installed individually, so you’ll want to dedicate a fresh Windows 2000/20003 server to it. These components, such as reporting, can be installed on different PCs across the network, so it is flexible and scalable.
The first part of the protection on offer is at network level, where the product integrates with your internet proxy. You can use the well laid-out proxy manager to block internet traffic based on protocol, so you can block applications such as P2P.
It can also take a network-wide view and detect and muzzle any PC trying to communicate with a known spyware site — which prevents existing infections from getting any further. This level of tools work well in conjunction with your existing anti-spam and anti-spyware applications and give you an extra level of security.
The Lockdown Edition takes things one step further with a dedicated client for each PC on the network. The client only runs on Windows XP, Windows 2000 or Windows 2003 machines, so you are out of luck if you have any older OSs on the network.
Installation of the client gives several advantages and, most critically, direct control over a PC. Using the central Policy Manager you can instruct PCs not to install or run unauthorized executable files, preventing lots of spyware or virus infections from even getting the chance to run.
The client also performs physical spyware scans using a combination of signatures, which are updated daily via a central request, and detecting communication with known spyware URLs. It is effective, and our scans detected most of the infections, while our security policy stopped us running many of the files that we had downloaded.
The use of the client means that notebooks removed from the network remain protected even when they are not communicating with the server.
A comprehensive, wide-reaching security suite that even covers IM, this is an excellent choice with a huge list of prevention and protection options.
However, those with existing gateway and network protection will probably want an application with a smaller footprint.
Sign up to our newsletters
SC Magazine Articles
- CTB-Locker ransomware variant being distributed in spam campaign
- 'Sexy Girls' wallpaper app in Google Play store accessed account info
- Proposed CFAA revisions agitate IT security community
- New attack uses ransomware to drop trojans and keyloggers
- Firm finds link between Regin spy tool and QWERTY keylogger
- Zeus variant targeting Canadian banks, U.S. banks may also be a target
- Winnti trojan may help set stage for Skeleton Key attacks, analysts say
- FTC settles with revenge porn site operator
- Upatre, Dyre used in Univ. of Florida attack
- Wisconsin chiropractic clinic notifies 3,000 patients of insider breach