Web Security Suite Lockdown Edition
January 01, 2006
$50 per seat for $1,000 seats
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Locks a PC down, including preventing unauthorized file installation.
- Weaknesses: Tricky installation.
- Verdict: A wide ranging suite of tools provides excellent web security for the enterprise, but it is a little complex to integrate with other IT protection.
Part of a suite of Websense tools designed to protect your network, this is one of the more difficult products to install. A range of components need to be installed individually, so you’ll want to dedicate a fresh Windows 2000/20003 server to it. These components, such as reporting, can be installed on different PCs across the network, so it is flexible and scalable.
The first part of the protection on offer is at network level, where the product integrates with your internet proxy. You can use the well laid-out proxy manager to block internet traffic based on protocol, so you can block applications such as P2P.
It can also take a network-wide view and detect and muzzle any PC trying to communicate with a known spyware site — which prevents existing infections from getting any further. This level of tools work well in conjunction with your existing anti-spam and anti-spyware applications and give you an extra level of security.
The Lockdown Edition takes things one step further with a dedicated client for each PC on the network. The client only runs on Windows XP, Windows 2000 or Windows 2003 machines, so you are out of luck if you have any older OSs on the network.
Installation of the client gives several advantages and, most critically, direct control over a PC. Using the central Policy Manager you can instruct PCs not to install or run unauthorized executable files, preventing lots of spyware or virus infections from even getting the chance to run.
The client also performs physical spyware scans using a combination of signatures, which are updated daily via a central request, and detecting communication with known spyware URLs. It is effective, and our scans detected most of the infections, while our security policy stopped us running many of the files that we had downloaded.
The use of the client means that notebooks removed from the network remain protected even when they are not communicating with the server.
A comprehensive, wide-reaching security suite that even covers IM, this is an excellent choice with a huge list of prevention and protection options.
However, those with existing gateway and network protection will probably want an application with a smaller footprint.
Sign up to our newsletters
SC Magazine Articles
- APT operation 'Double Tap' exploits serious Windows OLE bug
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- The Internet of Things (IoT) will fail if security has no context
- Regin: nation-state possibly behind the stealthy modular spying malware
- Operators disable firewall features to increase network performance, survey finds
- DDoS attacks cost organizations $40,000 per hour, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Study: 'High priority' issues hamper endpoint security solution implementation
- Researchers identify POS malware targeting ticket machines, electronic kiosks
- Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor
- DDoS attacks grew in size, threats became more complex, Q3 reports say
- Man gets 18 months in prison for accessing Subway POS devices, loading up gift cards