By Ellen Messmer
Security vendor PortAuthority has unveiled a line of hardware appliances used to prevent sensitive data from being transmitted outside a corporate network via email, FTP or HTTP.
The company decided to make its monitoring and prevention product available as an appliance line because customers may find it easier to deploy preconfigured hardware than load the PortAuthority software onto a server.
The devices include the M100 and M500. Port Authority says it will continue to provide a software-based version of its data-leakage prevention product, but will encourage customers to make the transition to the appliance line offered as PortAuthority 4.0.
PortAuthority competes against vendors such as Vontu and Vericept in the area of outbound monitoring and blocking, or extrusion prevention, says Raj Dhingra, PortAuthority’s vice president of product marketing.
The latest version of the management console and outbound data-monitoring product adds a way to block sensitive data, such as personal financial information.
However, it requires a way to interact with a URL filter proxy that supports the Internet Content Adaptation Protocol (ICAP). This is a content protocol developed by the ICAP Forum. The forum submitted the protocol, which is used for various purposes — including directing traffic and anti virus engines — to the IETF as an RFC (Request For Comments). Vendors such as Blue Coat and Network Appliance are among those supporting ICAP in web filtering products and Cisco for firewalls and routers, Dhingra says.
PortAuthority 4.0 routes all outgoing Port 80 requests to the PortAuthority appliance so that content can be inspected to ensure it doesn’t violate the security policy established by the PortAuthority MX management console.
Another new feature in PortAuthority 4.0 is that it can block printing of sensitive information, following installation of a PortAuthority software agent on a Windows or Novell printer server to examine network-based printer requests. “This could be authorised by group, sender or content alone,” Dhingra says.
“We definitely plan to use it to extend control beyond just email,” says Kirk Drake, vice president of IT at the National Institutes of Health Federal Credit Union.