Web Security Suite Lockdown Edition
January 01, 2006
$50 per seat for $1,000 seats
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Locks a PC down, including preventing unauthorized file installation.
- Weaknesses: Tricky installation.
- Verdict: A wide ranging suite of tools provides excellent web security for the enterprise, but it is a little complex to integrate with other IT protection.
Part of a suite of Websense tools designed to protect your network, this is one of the more difficult products to install. A range of components need to be installed individually, so you’ll want to dedicate a fresh Windows 2000/20003 server to it. These components, such as reporting, can be installed on different PCs across the network, so it is flexible and scalable.
The first part of the protection on offer is at network level, where the product integrates with your internet proxy. You can use the well laid-out proxy manager to block internet traffic based on protocol, so you can block applications such as P2P.
It can also take a network-wide view and detect and muzzle any PC trying to communicate with a known spyware site — which prevents existing infections from getting any further. This level of tools work well in conjunction with your existing anti-spam and anti-spyware applications and give you an extra level of security.
The Lockdown Edition takes things one step further with a dedicated client for each PC on the network. The client only runs on Windows XP, Windows 2000 or Windows 2003 machines, so you are out of luck if you have any older OSs on the network.
Installation of the client gives several advantages and, most critically, direct control over a PC. Using the central Policy Manager you can instruct PCs not to install or run unauthorized executable files, preventing lots of spyware or virus infections from even getting the chance to run.
The client also performs physical spyware scans using a combination of signatures, which are updated daily via a central request, and detecting communication with known spyware URLs. It is effective, and our scans detected most of the infections, while our security policy stopped us running many of the files that we had downloaded.
The use of the client means that notebooks removed from the network remain protected even when they are not communicating with the server.
A comprehensive, wide-reaching security suite that even covers IM, this is an excellent choice with a huge list of prevention and protection options.
However, those with existing gateway and network protection will probably want an application with a smaller footprint.
Sign up to our newsletters
SC Magazine Articles
- Study: Open Source Software use increasing in enterprises but without vulnerability monitoring
- RSA Conference 2015: Prepare for the IoT before it's too late, Sorebo warns
- 'Aaron's Law' returns to Congress
- RSA 2015: Tension continues to grow between govt, cryptographers
- Data at risk for 9,000 individuals following unauthorized access to SRI Inc. website
- Study: Conficker declared top threat of 2014, but N. America targeted mainly by AnglerEK
- RSA 2015: Straight talk about encryption, bulk surveillance and IoT
- RSA 2015: In the healthcare industry, security must innovate with business
- RSA 2015: Unintended use of aircraft systems next challenge for counterterrorism community
- RSA 2015: Bug hunting and responsible vulnerability disclosure