Of all the areas of information security that have spawned a variety of tools and tool types, content management has got to be close to the top. Over the years we have had web firewalls, web content management (WCM) tools, email content management and content management in general. All of these have converged somewhat, but web content has become more focused.
Web content management includes managing all of those data flows that are related to surfing the web. Today that covers more than 70 percent of all end-user computing, according to some sources. Certainly the percentage is quite large regardless of what the specific number is. That means that there is a lot of opportunity to be exposed to web-borne mischief. Browser protection vendor Invincea estimates that web-borne threats are up 225 percent and that application layer exploits, particularly PDF exploits, were the leading cause of infections in 2009. Now it is 2011, and the prospects are not much better.
With that in mind, this web content management group was one of our largest over the past 12 months. We certainly can see why. But has the genre really changed so much? Mike Stephenson, SC lab manager, put the batch of products - 12 in all - through their paces and virtually all of them made good showings. However, the real improvements this year seem to be user-related areas, such as easier-to-use screen layouts, simpler policy management and better reporting.
Web content management systems often are deployed as gateways and really act as content filters or firewall-type products. The idea is that when something tries to enter the enterprise from the web, you should be able to identify it and remove it. Products vary in their remediation ability, but they vary little in their ability to catch malicious web-borne attacks. All seemed to us to be quite competent.
However, in the midst of the good news - appropriate pricing/feature sets, solid functionality, and more - there is a shadow. As the nature of web-based threats evolves to become far more complex than it was in the past, some security pros are asking if WCM is the right answer. For example, one comment that we have heard recently is that the level of web firewalls and WCM is about where anti-virus was 10 years ago, because of their dependence on signatures, reputation and blacklists/whitelists. That debate likely will rage for some time, but it may have merit.
Some companies have turned to isolated secure browsing networks, some have addressed the problem with sandboxes and virtual machines, and some have depended on the supposed security capabilities of the browser itself. This, really, is a case of two things: appropriate level of web security and understanding the problem in depth.
There may be times for extreme solutions to the web-based malware problem. And, arguably, those times may become far more frequent as time passes. However, today, as you will see, there is a pretty robust crop of WCM tools that are properly scaled. There also is a good set of more extreme tools if that is what you need or want. We recommend that you take a very close look at the tools featured in this issue and use that as your baseline going forward,
We can recommend just about any of these products and, as always, you need to know your situation before you can make a selection and deploy effectively. One of the potential problems with WCM is that they can be finicky beasts. So, deploying this gateway - along with anti-virus or other gateways - can be challenging. Given that, however, the lab tests went smoothly.
Fully effective on first power-up or not, the WCM batch that we saw were a solid group of performers and we recommend that you give them a close look. Analyze your network and your requirements and then go pick out the product that fits your particular needs. With a dozen players in the web content management market, it is a safe bet that you'll find something that fits.