Web Security Suite Lockdown Edition
January 01, 2006
$50 per seat for $1,000 seats
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Locks a PC down, including preventing unauthorized file installation.
- Weaknesses: Tricky installation.
- Verdict: A wide ranging suite of tools provides excellent web security for the enterprise, but it is a little complex to integrate with other IT protection.
Part of a suite of Websense tools designed to protect your network, this is one of the more difficult products to install. A range of components need to be installed individually, so you’ll want to dedicate a fresh Windows 2000/20003 server to it. These components, such as reporting, can be installed on different PCs across the network, so it is flexible and scalable.
The first part of the protection on offer is at network level, where the product integrates with your internet proxy. You can use the well laid-out proxy manager to block internet traffic based on protocol, so you can block applications such as P2P.
It can also take a network-wide view and detect and muzzle any PC trying to communicate with a known spyware site — which prevents existing infections from getting any further. This level of tools work well in conjunction with your existing anti-spam and anti-spyware applications and give you an extra level of security.
The Lockdown Edition takes things one step further with a dedicated client for each PC on the network. The client only runs on Windows XP, Windows 2000 or Windows 2003 machines, so you are out of luck if you have any older OSs on the network.
Installation of the client gives several advantages and, most critically, direct control over a PC. Using the central Policy Manager you can instruct PCs not to install or run unauthorized executable files, preventing lots of spyware or virus infections from even getting the chance to run.
The client also performs physical spyware scans using a combination of signatures, which are updated daily via a central request, and detecting communication with known spyware URLs. It is effective, and our scans detected most of the infections, while our security policy stopped us running many of the files that we had downloaded.
The use of the client means that notebooks removed from the network remain protected even when they are not communicating with the server.
A comprehensive, wide-reaching security suite that even covers IM, this is an excellent choice with a huge list of prevention and protection options.
However, those with existing gateway and network protection will probably want an application with a smaller footprint.
Sign up to our newsletters
SC Magazine Articles
- 'MEDJACK' tactic allows cyber criminals to enter healthcare networks undetected
- Samsung devices, including Galaxy S6, vulnerable to remote code execution
- Dridex banking malware spreading through new spam campaign
- U.S., China agree to cybersecurity code of conduct
- Suspicious activity on LastPass network, data compromised
- Former Georgia-Pacific sysadmin charged with damaging protected computers
- Harvard University announces network intrusion, possible data exposure
- Saboteurs leverage RIPv1 for DDoS reflection attacks
- More than 440K new Android malware strains found in Q1, study finds
- Apple releases OS X 10.10.4 and iOS 8.4, numerous bugs addressed