Preview: Websense Content Protection Suite brings Web smarts to DLP

analysis
Oct 3, 2007 · 6 mins

Websense acquired PortAuthority Technologies in late 2006 shortly after I reviewed PortAuthority 5.0. Renamed Websense Content Protection Suite, version 6 blends in some Websense technologies along with enhancements that PortAuthority already had in the pipeline. Content Protection Suite 6 improves detection accuracy by looking at the destination of a message — a technique seen in Websense ThreatSeeker, a technology that protects against Web-based threats. And it enhances the existing PreciseID NLP feature, which uses natural language processing to tell whether similar data is confidential or risk-free; this further boosts detection rates without going through the step of uploading and scanning individual files (fingerprinting).

Additionally, this latest version monitors all network protocols when deployed in-line, classifies and extracts content from more formats than previous versions (over 370 file types), and offers additional remediation capabilities (such as custom notification options). Further, all modules are managed from a single graphical interface.

A typical Websense configuration includes a management appliance with the management and reporting Web UI, management server, policy enforcement server, plus PreciseID NLP and fingerprinting server, and any number of Protector appliances. The management hardware easily connects to any network hub or switch. Protectors are set up the same way in passive mode, or they can be installed in-line to block HTTP and SMTP communications.

Like other top-quality data leak solutions, Websense has evolved to discover, monitor, and protect data throughout your network. It can spot social security numbers, proprietary source code, financial data, sensitive strategy plans, and other sensitive data in SMTP or Web mail, instant messaging, and FTP file transfers, on scanned file shares, and even as it is copied to USB drives on laptops.

One big change in v6 is the single management and reporting console, which simplifies administering policies, reviewing incidents, and viewing reports. While I think the interface could stand a little more tweaking — for example, PreciseID fingerprinting is accessed from the System Status area while it would seem better placed under Policy Administration — overall I like the new design.

Thankfully, you no longer have to switch among separate applications to scan files at rest or register information in databases. As with past versions, 150 built-in policies and reports cover major regulatory statutes (Websense provides automatic updates to these templates). Then, with a few clicks using a Policy Wizard, you can refine policies so they apply to certain user groups or physical locations, such as a particular remote office. Also, one policy applies across data in motion (e-mail, IM, FTP), at rest (file shares), and in use (laptops and other endpoints).

Content Protection Suite 6 reduces a lot of the drudgery when you need to make policies even more granular. For instance, enhancements to the Protect appliance’s Intelligent Protocol Discovery mean you don’t have to specify the communications channel to monitor; the system automatically checks for leaked information over known protocols (such as HTTP, FTP, and IM transmissions) on every port. Moreover, the improved PreciseID function automatically applies various detection algorithms to each potential exit point. These detection methods include rules, lexicons, dictionaries, exact and partial content matching, and statistical analysis.

The new Black Listing option lets you add another layer of protection by blocking domains and Web site categories in any combination. But here’s another important synergy with the ThreatSeeker technology: Websense’s security labs monitor when good Web sites are infected with spyware or otherwise compromised. As a result, even if you allow access to a legitimate site, Websense can automatically place it on your Black List — often within hours of the discovery of the threat.

Content and context awareness helps set Content Protection Suite apart from other competitors. At the highest level, the system is aware of who is doing what, where, and how. For example, you can create a policy that allows a chief financial officer to communicate with board members using Yahoo! mail, yet still prevents the CFO from posting on Yahoo! message boards.
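To make the combination of partial content matching and destination context concrete, here is an added example (not Websense code and not PreciseID's actual algorithm) that fingerprints a registered document with hashed word shingles and then applies a role-and-destination rule modeled on the CFO scenario above. The shingle size, threshold, role names, destination categories, and sample texts are all assumptions constructed for illustration.

```python
import hashlib
import re

K = 5  # words per shingle (assumed value; tune per corpus)

def shingles(text, k=K):
    """Hash every k-word window of case- and punctuation-normalized text."""
    words = re.findall(r"[a-z0-9]+", text.lower())
    return {hashlib.sha256(" ".join(words[i:i + k]).encode()).hexdigest()[:16]
            for i in range(len(words) - k + 1)}

class FingerprintIndex:
    """Keeps only shingle hashes of registered documents, never their text."""
    def __init__(self):
        self.docs = {}

    def register(self, name, text):
        self.docs[name] = shingles(text)

    def best_match(self, outbound):
        """Return (name, fraction of that document's shingles seen in outbound)."""
        seen = shingles(outbound)
        best = (None, 0.0)
        for name, fp in self.docs.items():
            score = len(fp & seen) / len(fp) if fp else 0.0
            if score > best[1]:
                best = (name, score)
        return best

# Constructed context policy: (sender role, destination category) pairs
# that are allowed to receive registered content.
ALLOWED = {("cfo", "webmail")}

def decide(index, role, dest_category, body, threshold=0.2):
    """Content check first, then context: block a match unless the pair is allowed."""
    _, score = index.best_match(body)
    if score < threshold:
        return "allow"
    return "allow" if (role, dest_category) in ALLOWED else "block"

# Constructed sample data: a registered memo and a message quoting part of it.
MEMO = ("Project Falcon strategy memo. We will acquire the northern distribution "
        "network in the third quarter, close the two legacy warehouses, and move all "
        "fulfilment to the new regional hub before the annual shareholder meeting.")
LEAK = ("fyi, heard this today: WE WILL ACQUIRE THE NORTHERN DISTRIBUTION NETWORK "
        "in the third quarter, close the two legacy warehouses -- thoughts?")
INDEX = FingerprintIndex()
INDEX.register("falcon-memo", MEMO)
```

The quoted excerpt still matches after the case and punctuation changes because both sides are normalized before hashing, and the same matching content yields different verdicts depending on who sends it and where it is going.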

The redesigned management console makes it easier to review critical events by policy categories and then act on individual incidents. For example, clicking the Gramm-Leach-Bliley Act category on the main dashboard opens a filtered view of the incident management screen where you can review details of each GLBA infraction. From this same page you can quickly select the desired action, including releasing the message or assigning it to another person for more investigation. Conveniently, the next reviewer can quickly see a history of previous actions and also access forensic features (such as searching for similar infractions by the same user).

Another new feature lets you filter reports according to the same context and content classifications that you use to create custom policies. Discovery Reports list data-at-rest files containing sensitive data, providing details about the questionable files and the violation that triggered the incident. I’d like to see, however, data-at-rest statistics rolled up to the main executive dashboard.

Websense Content Protection Suite 6 can discover and protect sensitive data in most any form, sent over various channels and to many destinations. The new natural language processing capabilities, which classify content based on the context in which it was being used, should improve accuracy. Various deployment options — and the ability to have one server operate in multiple modes (passive monitoring, inline monitoring and enforcement, or proxy mode) — can lower your overall cost. Lastly, it offers easy management from a central Web interface — though there’s still a bit more work to do in the system’s overall usability.

Websense Content Protection Suite 6

Cost: Starts at $33,000 for software components

Platform: Available on a variety of supported hardware platforms or on hardened appliances sold at cost. Uses a proprietary operating system derived from Linux. Endpoint agents supported on Windows 2000 and later.

Verdict: Websense Content Protection Suite discovers sensitive data most anywhere in your enterprise — whether at rest, in use, or in motion. This solution’s pre-built policies and reports, plus automated data classification and protection, should result in fast deployments. Version 6 improves accuracy with content and context awareness, and natural language processing capabilities. Moreover, it now monitors all protocols when deployed in-line.