Cisco IronPort data-loss prevention: beta testers share insights

Cisco customers using DLP to protect intellectual property, spreadsheets

Beta testers of a data-loss prevention add-on to Cisco's IronPort security appliances say DLP is looking like a fine complement to existing anti-virus and anti-spam filtering capabilities.

"We turned on the full range of filters to put it through its paces," says Simon Rainey, principal Internet consultant for RM Education, the United Kingdom's largest supplier of information technology products and services to schools there. While he says there have been a few false positives, the beta test, into its sixth week, has been largely successful.

The Oxford, England firm wants to see how well IronPort with DLP (based on RSA technology) will detect content related to intellectual property, credit cards and financial information. RM Education now has its IronPort gateway, which it has been using for two years, monitoring for unauthorized transmission between employees and business partners.

He says there is a process of "tuning" the DLP filters to monitor and block specific types of material between employees at RM Education and business partners. Some people, for instance, are allowed to send and/or receive CAD or Microsoft Project files, whereas others aren't.

That DLP control is typically configured based on an e-mail address or a domain name. The process undertaken so far with DLP at RM Education is to notify the business line manager of possible content-transmission violations.

Another DLP tester

Another IronPort DLP beta-tester, Dublin, Ireland-based financial-services firm EBS Building Society, has used IronPort gear for about 18 months for e-mail security. While the DLP option includes pre-defined categories of content to watch for, EBS is testing the DLP add-on to protect information of particular importance to its 400,000 customers and 100 offices."Regulatory compliance is important for us, so we're looking at [Payment Card Industry] data automatically. We're also watching for suspicious transmission of spreadsheets," says David Cahill, information security officer at EBS.

Some types of data should not be sent out unless it's encrypted, so in this DLP evaluation period, EBS is quarantining e-mail and sending a notification to the sender about the policy violation.Cahill says the company is intercepting certain material but that there is relatively little of it and it's usually sent accidentally. "It's my job to make sure people are aware of the security requirements. The system is giving us the capability to enforce those rules," he says.

Both Rainey and Cahill regard DLP filtering at the e-mail gateway as a fairly low-cost and simple way to get started with DLP in their organizations. (While the official product release is yet to come, Cisco earlier this year spoke of about $10 per user as a price point for IronPort DLP). Full-fledged DLP systems, which encompass desktops and gateways, are still expensive, starting in the six figures.

Desktop DLP at this point would be a "huge initiative," says Cahill, and it would be hard to get management buy-in for an enterprise-wide deployment.

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags ciscoDLPironport

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Ellen Messmer

Network World
Show Comments

Brand Post

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Luke Hill

MSI GT75 TITAN

I need power and lots of it. As a Front End Web developer anything less just won’t cut it which is why the MSI GT75 is an outstanding laptop for me. It’s a sleek and futuristic looking, high quality, beast that has a touch of sci-fi flare about it.

Emily Tyson

MSI GE63 Raider

If you’re looking to invest in your next work horse laptop for work or home use, you can’t go wrong with the MSI GE63.

Laura Johnston

MSI GS65 Stealth Thin

If you can afford the price tag, it is well worth the money. It out performs any other laptop I have tried for gaming, and the transportable design and incredible display also make it ideal for work.

Andrew Teoh

Brother MFC-L9570CDW Multifunction Printer

Touch screen visibility and operation was great and easy to navigate. Each menu and sub-menu was in an understandable order and category

Louise Coady

Brother MFC-L9570CDW Multifunction Printer

The printer was convenient, produced clear and vibrant images and was very easy to use

Edwina Hargreaves

WD My Cloud Home

I would recommend this device for families and small businesses who want one safe place to store all their important digital content and a way to easily share it with friends, family, business partners, or customers.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?