This month we are concentrating on the data that should not enter your network and the data that should not leave your network.
Of course, data that should not enter the enterprise generally is stopped by the firewall — at least in the good old days. Today we are seeing a lot of perimeter systems converging into a single appliance. But there still are a few firewalls plain and simple.
Data that should not leave the enterprise is data that is proprietary or would be damaging to the organization if it escaped. That process — the protection part — has various monikers, including data leakage protection/prevention, exfiltration protection/prevention, and my favorite, extrusion protection/prevention. I went into the lab to tinker with a fistful of these products and, boy, was I surprised.
The definition of extrusion prevention tools must be pretty fuzzy because we received a lot of products that approached the problem in several different ways. There were a few products that worked the old-fashioned way: they monitor the data stream for dirty (sensitive) words and phrases, and then they either stop the violation and report it, or simply report it. There were some that work at the endpoint, and I like those because they stop the problem before it gets onto the network.
Back in Justin's lab we experienced an interesting phenomenon. Judy, our intrepid editorial assistant, summoned 20 firewall vendors to the party. Five showed up and one of those decided to drop out pending a new release. The firewall market is undergoing significant change and the vendors are keen to get on board. That means that there are a bunch of firewalls in transition from plain vanilla to something more.
Look for a significantly different breakdown by product families in our Group Tests next year. In fact, even the plain Jane firewalls we looked at were not ugly ducklings at all. Most are evolving into swans with lots of features that will, eventually, morph firewalls into something that looks a bit like a super-UTM. We look forward to that with some trepidation. As I have written on my blog, that strikes at the notion of defense-in-depth and provides a single point of failure.
The bottom line this month, though, is that you need to keep the bad guys out and the secrets in. Our Group Tests offer products to do exactly that.
— Peter Stephenson, technology editor
Product section: Data leakage prevention and firewalls
From the November 2007 issue of SCMagazine