Code Green TrueDLP
Strengths: This is a first-rate product with solid performance and a comprehensive feature set.
Weaknesses: None that we found.
Verdict: Excellent tool that is easy to configure once linked into the network.
SummaryThe Code Green data leakage prevention tool comes as a purpose-built appliance. We set it up in our test bed. Without the administration guide, the installation would have been somewhat more difficult. The appliance has no installation wizards, so deployment, though straightforward, benefits significantly from the quick start. Within an hour we had the appliance online and ready to configure with our exchange servers.
The documentation is solid and well-illustrated. Overall, we find that ease of use at this stage could have been improved a bit, but even without network installation wizards, which have become standard practice for most appliances. we hit no show-stoppers. It has excellent configuration menus once the appliance is linked into the network.
It is important, however, that one understands the network and email system thoroughly because it is easy to misconfigure either the appliance or one's exchange server. Once the appliance was integrated into the network, we began general configuration. The first step addresses the network details, and there is a menu that assists with that.
The appliance performs several functions. The obvious one is watching email leaving the enterprise and stopping messages that violate a policy. Another, and extremely important one, is discovering the locations of sensitive data on servers or other computers. This is the inspection service, and enabling it is optional.
Once we had the appliance configured, the next step was applying policies. Again, there is an excellent menu for this, and the out-of-the-box policies provided cover a lot of territory. Each policy can be modified. There is a range of workflow options - from "do nothing" through notification to logging. Additionally, one can block the transaction, force it to be encrypted or reroute it.
Besides using policies out of the box or modifying them, one can create new ones. Before writing a new policy, one must register the data that it will affect. The admin sees several classifications of codes, specific patterns file types that can be filtered, and other types of structured data, such as credit card numbers, driver's licenses, and more. The list is quite complete. Finally, one can include data that the device discovers if that function is turned on.
Essentially, the policy piece of the Code Green device falls under three categories: registered data, discovered data and protected data. Each of these has policies that the administrator can edit and configure to meet specific requirements.
The landing page of the menu exudes simplicity. The dashboard contains a good summary of event activity, data usage incidents, discovery incidents and a health monitor that tells admins the status of the device itself. Each of these major categories allows for appropriate drill-down - logs for recent activity and other details for the rest. The data usage incidents also are tracked graphically as a histogram.
Incidents may be tracked and managed in much the same manner as a help desk incident system. For example, events can be assigned to individual administrators or groups for remediation.
There are several preconfigured reports, and one can create custom reports quite easily. Reports can be scheduled and exported as PDF or CSV files. Creating a report is a straightforward, step-by-step process. This is an example of an excellent wizard. In fact, the only configuration or editing functions on the Code Green device that are not supported by first-class wizards are those required to initially integrate the device into the network.
We used the standard policies that came with the device, and it catches attempts to defeat it exactly as we anticipated. The device is transparent to users unless it bounces a message. If that happens, the administrator can configure the process of notification. Usually, by default, the message from an Exchange Server goes to the sender. We also had examples of bounced messages where the Exchange Server was not properly configured with the appliance.
Pricing on this device can range widely depending on which version is purchased. Regardless, we find that it is an excellent value. Support requires a contract to access most of the assistance portal, but this is reasonably complete. Varying levels of phone support are available. Access to the assistance portal, in general, requires that the product be registered. Overall, we found the company's support website to be clean and useful.
We liked this product with its clear, web-based user interface and its intuitive policy configuration and management. There are more than enough choices for that to give the appliance the flexibility and feature set needed in a superior DLP product.