Solved

Opinions - Websense Triton Enterprise

Posted on 2013-12-19
4
829 Views
Last Modified: 2013-12-20
Just looking for opinions on the product from anyone who uses it or knows how it works compared to similar solutions.  We're doing a DLP project and considering replacing our Email/Web filtering with a suite at the same time.
0
Comment
Question by:First Last
  • 2
4 Comments
 
LVL 62

Accepted Solution

by:
btan earned 333 total points
ID: 39731146
Websense has two area that you may want to consider such as context aware DLP and Secure Web Gateway. The DLP is part of the Secure Gateway appliance too. There is useful info in the Gartner report such as

http://www.computerlinks.de/FMS/22876.magic_quadrant_for_content_aware_data_loss_prevent.pdf

It has introduced enhanced capabilities to support mobile devices and also the ability to use advanced persistent threat features within the DLP solution to better evaluate risks.

Its "drip DLP" feature monitors for slow leaks of information over a long period of time. Websense has a strong policy engine wit h good remediation options. Its optical character recognition (OCR) capabilities identify sensitive content within scanned documents.

Its redaction capabilities are only supported for data at rest... it appears to Gartner that its product road map is showing signs of slow er feature adoption when compared to those of its competitors

However, it was understood that Triton management console provides a common point for policy management and reporting in hybrid environments. The company offers a single SKU hybrid pricing model. Customers can purchase a single license and implement it in a mix-and-match scenario (on-premises or cloud-based users). It also provides strong malware detection technology, including browser code emulation and network traffic analysis.

Websense also provides a cloud-assist sandboxing analysis with its ThreatScope offering. Objects must be submitted manually to ThreatScope, although Websense has plans to automate the process. Its DLP is integrated on box with its solution suite and note that full enterprise DLP requires additional license, it uses deep packet inspection to inspect outbound traffic for malware behaviour (this does not require a DLP license). However, the licensing of services per IP address can be outdated since most of user is carrying multiple mobile devices and definitely such licensing is not scalable and cost effective to customer, needed more flexibility like site pricing or per appliance pricing.
0
 
LVL 26

Assisted Solution

by:skullnobrains
skullnobrains earned 167 total points
ID: 39731515
many people may not agree with the following but here is an opinion

websense is based on free software so remember that any feature available will appear later in websense than in the corresponding software. what you are buying is actually less administration hassle and not technology. same applies to all concurrent products i know of as far as DLP is concerned.

----

expecting to achieve DLP in this way is meaningless, because it is just awfully trivial to bypass, even for folks with little technical skill.

for example take an excel sheet, save it as text, paste it into the body of an email, do the reverse operation on the remote side and you'll bypass websense efficiently. when that does not work, stick the excel sheet in a password-protected rar archive first. when that does not work, i'm sure you can figure something out. don't mistake my point : websense is not a bad product, but achieving efficient DLP in such ways is just not feasible...

and actually DLP in itself does not really make sense unless you forbid all kind or removable media, printers, mobile phones, cameras, and only hire people who can't remember a few lines of text (aka they won't be able to remember their passwords either)... even secret services don't manage it, as it would require to stick workers inside an air-tight bunker with no internet access, and enough oxygen and food supply for the duration of the corresponding project(s)

maybe try and think it in terms of onion-layering access to the information, and if possible scatter it so no single person has enough information to leak anything useful
0
 
LVL 62

Assisted Solution

by:btan
btan earned 333 total points
ID: 39731532
Another key aspects is to be able to inspect SSL traffic, meaning it needs to have the flexibility to do it in active inline or passive inline mode. I know it has a cloud capability but to the extend of "breaking" the SSL and acts like MITM proxy. It does have this capability but maybe not be part of the DLP suite, you likely need the SWG together with DLP

https://www.websense.com/assets/support/webinar/Presentation/Jan2013_WebinarSlides.pdf
0
 
LVL 1

Author Comment

by:First Last
ID: 39731693
Thanks so much for the info guys, very much appreciated!
0

Featured Post

Zoho SalesIQ

Hassle-free live chat software re-imagined for business growth. 2 users, always free.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
In this video, we discuss why the need for additional vertical screen space has become more important in recent years, namely, due to the transition in the marketplace of 4x3 computer screens to 16x9 and 16x10 screens (so-called widescreen format). …
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…

864 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now