TrueDLP

Earlier this month Gartner released its 2010 Magic Quadrant for Content-Aware Data Loss Prevention, and we are extremely pleased that the analysts recognize the value and strength of Code Green Network’s easy-to-use, low-cost, content-aware network data loss prevention solution.

“It is very easy to deploy and use for up to 50,000 users, making the overall offering attractive to price sensitive enterprise buyers.”

2010 Magic Quadrant for Content-Aware Data Loss Prevention, Gartner, Inc.
The complete report can be obtained from Gartner Group.

We believe that Gartner and other analysts’ recommendations can be very helpful in sorting through the myriad of products on the market. We suggest taking the Magic Quadrant and the associated analysis into consideration based on your organization’s size, needs and infrastructure.

A key theme emerged in this year’s report: ease-of-use, or as we think about it, simplicity. While data loss prevention (DLP) solutions have existed for some time, they typically have been complex to deploy and manage, and in many cases, engineered as “bolt on” products added to other solutions in the vendor’s product line. Since DLP is our only business, we have focused on simplicity: easy-to-set up, easy-to-deploy, and easy-to-manage. In most cases, our customers get a complete DLP solution in a single appliance, while the same functionality can require up to seven appliances from other vendors. More complex solutions often require a full-time person just to manage them. In contrast, most TrueDLP users spend as little as an hour each week managing DLP:

“I like that minimal IT time is needed to maintain the system. Responding to alerts and refining policies, as management identifies new data to be registered, is all that’s required from me or my team.”
Steve Scott, Information Security Manager, St. Charles Health System

Although price sensitivity is not a theme in this year’s report, as reflective of the vendors in the “Leaders Quadrant”, Code Green Network continues its pioneering position of being a cost effective enterprise solution with the lowest total cost of ownership–providing full features in a single appliance with no complicated licensing fees. Customers can add more seats or locations by adding appliances in a modular way.

The report highlights that 40% of Gartner clients interviewed, led with their network requirements. Gartner states that enterprises that began with network (or endpoint capabilities) nearly always deploy data discovery functions next.

According to Rich Mogul, from the Securosis research and advisory firm, this is because network deployments typically provide the most immediate information with the lowest effort, http://www.securosis.com/tag/data+loss+prevention. We have also seen that same trend.  Almost all of our customers begin with Network DLP, add Discovery capabilities, and then begin to think about Endpoint DLP.

With input from our channel partners and customers, we continue to evolve our solution to strengthen and further expand its capabilities.  Watch for more news on this soon, as well as updates on our ongoing expansion into markets outside North America.

When it comes to network data loss prevention solutions monitoring SSL encrypted traffic a lot depends on the transparency of the web/ICAP proxy and how it is configured to handle SSL certificates. Some proxies are better at this than others.  Pretty much all the network DLP solutions utilize ICAP integration with a web proxy for inspecting SSL traffic and are somewhat/very successful.

When it comes to endpoint data loss prevention solutions monitoring SSL encrypted traffic there are issues.

1. You can’t monitor traffic from systems that don’t have the endpoint solution on them, for example guest machines, contractors, visitors, etc. Or the endpoint solution may not be available for all the different endpoint operating systems and browsers used on your network. A network based solution monitors/controls anything going through the gateway regardless.
2. The endpoint solution has to have its inspection/control happen prior to the data being SSL encrypted by the web browser. This can be difficult to build and not all endpoint solutions can do this. If the endpoint solution is built to handle IE browsers you may need to lock the endpoint down to prevent other browsers (chrome, safari, etc) from being installed and used.
3. The deployment and management issue – network DLP is much easier and less disruptive to deploy and manage than installing an endpoint DLP agent on every desktop in your organization.

I’m not against endpoint DLP, it’s one of the products Code Green offers, but network DLP is a much better solution for web traffic monitoring and control.