The combined problem of spyware, unsuitable, offensive and illegal internet material has created a headache for many IT operatives. As organisations can be held accountable for the exposure of their employees such material, the challenge of keeping it out is a complex one. ComputerScope spoke to Frank Coggrave, regional director UK and Ireland, Websense, on filtering technologies.
“Originally, people may have bought filtering products for productivity reasons. We are now seeing people, over the last two years, looking at that section of the market for security reasons; because the bad people will try to get bad things to you in many different ways. There’s phishing attacks, instant messaging viruses and malicious mobile code on websites, so over the last two or three years we have beefed up the security aspect of Websense products, so that now we are protecting against key loggers, spyware and phishing as well as the traditional productivity side of the business.”
Beyond gateway
Recognising that most organisations have at least network gateway security in place, Coggrave said “gateway and perimeter security is now quite good, but there are still the threats from PDAs and laptops that are in and out of the network which represent a threat. Version 6 of Websense continued our drive for security by being able to force filtering on to laptops even when those laptops are out of the network, at home or in hotels or wireless hotspots, forcing corporate security policies onto those machines, irrespective of where they are.”
As many manufacturers add security functionality to devices and applications, the problem of overlap emerges. “To some extent if you have a range of blended threats out there, you need multiple layers of defence. Where we have tried to set our own boundaries is by asking what we are good at. And we are very good at classifying things. We have 12.5 million websites defined into 90 odd categories and we are good at taking users and applying policies to those users with those categories.”
However, categorisation brings its own problems and there are many concerns in these politically correct times around how different material is catalogued. Should a site selling lingerie be classified as an adult site?
Keep categorising
“Our approach has been to keep categorising as much as we possibly can. We provided a spyware category based on specific applications, but we also provided a list of IPs that were the backchannel for those applications. That meant that you could decide to block the applications or the back channel or both. What we have added since then is a specific key logging category and we will keep adding new categories while the industry is defining new things.” Working with various associations, Websense is ensuring that its categorisation is precise. “One of the things we have with the web security labs is that they are actively working with people such as the Anti-Phishing Workgroup to define what phishing is.”
As the emphasis is on the precise and updated categorisation process, Coggrave said that Websense do not block sites, “We don’t block a site. What we do is, based a on a set of criteria, a well defined and constantly refined set, we will categorise something against that criteria. It is then up to the customer to say based on those criteria, ‘I will block it or not’. Websense do not block anything.”
With its filtering software running on various appliances from Bluecoat to Cisco, Websense partners with providers in various spaces. “What we have done is develop our technology so that it will work with the big players in the security event management, identity management and the network access management sphere and put all that under the branding of Security Ecosystem that is really saying we can’t sit on our own. Our expertise is what we do and then we make sure we integrate with those players”, said Coggrave.
Subscribers 0
Fans 0
Followers 0
Followers