Code Green Prevents Red Alerts with DLP Appliances

By Frank Ohlhorst  |  Print this article Print

Review: Code Green Networks brings a data loss prevention (DLP) appliance to the channel in the form of the company's CI-750. eWEEK's channel labs takes a look to see if the CI-750 is the answer to the DLP question.

Data security has become a complex endeavor for most any business. Most IT administrators have turned to a multitude of appliances and software solutions to build layered security from outside threats.

This proves to be a good start, but while many focus on protecting corporate data from the outsider, the threat from the insider is often overlooked.

Many enterprises, driven by compliance issues, have started to implement a technology called DLP (Data Leakage Prevention), which controls the movement of data in the network. Code Green Networks has become a valuable ally to those deploying enterprise DLP solutions, thanks to its high-end DLP appliance, the $25,000 CI-1500.

While that's great for the enterprise, what about the SMB market? Doesn't its data deserve equal protection? The answer, of course, is an obvious yes, but not at a price of $25,000! Luckily, Code Green offers an alternative with its CI-750 appliance, a unit specifically engineered for smaller businesses seeking a full-featured DLP appliance.

At $10,000 for 50 users, the CI-750 is no small drop in the bucket, but when one considers the value of the data being protected and the associated costs of the failure to meet compliance requirements, the price does not seem all that excessive.

The CI-750 helps prevent leakage of sensitive data and works over a variety of network protocols, including SMTP, HTTP, HTTPS, and FTP. What's more, the unit works with standard Web transport protocols, which allows it to protect sensitive data from being posted to blogs, wikis, and Web forums. That protection even extends to Web-based mail services such as Gmail, Hotmail, Windows Live Mail, AOL mail and Yahoo Mail.

The CI-750 also monitors and records sensitive information transmission, and offers the ability to block transmission using third-party proxy server solutions. If the data is not to be blocked, then the appliance can automatically encrypt the data transmissions, making it an ideal DLP solution for branch offices.

The unit works by scanning all traffic for defined data types, such as Social Security numbers, credit card numbers and so on. The unit can gather that information from corporate databases to protect the actual data or policies using pattern recognition can be setup. To protect intellectual property, which may not be stored in defined databases, the CI-750 employs a technology called deep-content fingerprinting, which relies on cryptographic hashes of recognized data to block transmission and generate alerts.

The same data control can be applied to the corporate e-mail system, where data can either be blocked or encrypted based upon defined policies. Those features are all good news to businesses attempting to meet PCI, HIPPA, SOX and California SB1386 regulations. The CI-750 offers out-of-the-box compliance with Federal Trade Commission guidelines and Federal Rules of Civil Procedures amendments, which govern electronic discovery.

The CI-750 can protect as much as 20 million elements of stored data (found in databases and structured files) and up to 250Gb of data across more than 400 different file formats, including MS Office, CSV Files, CAD Files, Images and so on.

The unit has been designed with ease of use in mind; most solution providers should be able to deploy a CI-750 in less than a day. A typical setup consists of hardware installation, policy definition and then some fine tuning and should not be too much of a challenge to even an entry level network engineer.

While most users will think of the CI-750 as a plug-it-in and forget style of appliance, nothing could be further from the truth. DLP solutions need management and auditing and the CL-750 is no exception. That's good news for the solution provider, who can build service revenue around reporting, policy adjustment and other integration and maintenance services associated with compliance and data leakage prevention.

Pointer Click here to read more about how rival McAfee is getting into DLP.

There is a lot more to DLP than just monitoring network traffic, a complete DLP solution must also address end points, specifically PCs or other devices that connect to the network and can access data. Here, Code Green offers additional protection in the form of their Content Inspection Agent, which, when installed on end points, prevents the copying of sensitive data to CDRs, USB Key drives and so on. The idea here is to close all exit points where data can travel. The agent can be set up to either block the movement of data to removable storage or it can use a policy to encrypt the data when it is stored on a removable device. The idea here is to allow workers to transport data, but keep the data secure if the device (such as a USB Key drive) is lost or falls into the wrong hands.

The Content Inspection Agent fully integrates into Code Green's management applications, which allows a single point of administration for all policies, regardless if the policy is aimed at IP traffic or portable devices. This single view into DLP simplifies both administration and reporting and allows companies to meet compliance requirements with relative ease.

Although Code Green Networks is a relative newcomer to the security appliance market, the company has made significant commitments to the channel. The company distributes its products 100 percent through the channel; there are no direct sales to customers, which help to create additional opportunity for partners. The company is still in startup mode and offers significant flexibility to its current partners. Major requirements to become a partner include demonstrated technical know-how, an established customer base and completion of sales and technical training.

Frank Ohlhorst Frank J. Ohlhorst is the Executive Technology Editor for eWeek Channel Insider and brings with him over 20 years of experience in the Information Technology field.He began his career as a network administrator and applications program in the private sector for two years before joining a computer consulting firm as a programmer analyst. In 1988 Frank founded a computer consulting company, which specialized in network design, implementation, and support, along with custom accounting applications developed in a variety of programming languages.In 1991, Frank took a position with the United States Department of Energy as a Network Manager for multiple DOE Area Offices with locations at Brookhaven National Laboratory (BNL), Princeton Plasma Physics Laboratory (PPL), Argonne National Laboratory (ANL), FermiLAB and the Ames Area Office (AMESAO). Frank's duties included managing the site networks, associated staff and the inter-network links between the area offices. He also served at the Computer Security Officer (CSO) for multiple DOE sites. Frank joined CMP Technology's Channel group in 1999 as a Technical Editor assigned to the CRN Test Center, within a year, Frank became the Senior Technical Editor, and was responsible for designing product testing methodologies, assigning product reviews, roundups and bakeoffs to the CRN Test Center staff.In 2003, Frank was named Technology Editor of CRN. In that capacity, he ensured that CRN maintained a clearer focus on technology and increased the integration of the Test Center's review content into both CRN's print and web properties. He also contributed to Netseminar's, hosted sessions at CMP's Xchange Channel trade shows and helped to develop new methods of content delivery, Such as CRN-TV.In September of 2004, Frank became the Director of the CRN Test Center and was charged with increasing the Test Center's contributions to CMP's Channel Web online presence and CMP's latest monthly publication, Digital Connect, a magazine geared towards the home integrator. He also continued to contribute to CMP's Netseminar series, Xchange events, industry conferences and CRN-TV.In January of 2007, CMP Launched CRNtech, a monthly publication focused on technology for the channel, with a mailed audience of 70,000 qualified readers. Frank was instrumental in the development and design of CRNTech and was the editorial director of the publication as well as its primary contributor. He also maintained the edit calendar, and hosted quarterly CRNTech Live events.In June 2007, Frank was named Senior Technology Analyst and became responsible for the technical focus and edit calendars of all the Channel Group's publications, including CRN, CRNTech, and VARBusiness, along with the Channel Group's specialized publications Solutions Inc., Government VAR, TechBuilder and various custom publications. Frank joined Ziff Davis Enterprise in September of 2007 and focuses on creating editorial content geared towards the purveyors of Information Technology products and services. Frank writes comparative reviews, channel analysis pieces and participates in many of Ziff Davis Enterprise's tradeshows and webinars. He has received several awards for his writing and editing, including back to back best review of the year awards, and a president's award for CRN-TV. Frank speaks at many industry conferences, is a contributor to several IT Books, holds several records for online hits and has several industry certifications, including Novell's CNE, Microsoft's MCP.Frank can be reached at frank.ohlhorst@ziffdavisenterprise.com

Submit a Comment

Loading Comments...