News Stay informed about the latest enterprise technology news and product updates.

Data leakage protection: Where does it fit in the network?

Network-based antivirus and antispam products are getting a face-lift with next-generation content filtering, but is data leakage protection best served in the network or at the endpoint?

With anti-X technologies (antivirus, antispam and antispyware) becoming commodity items, information security vendors are revving up to offer network professionals more comprehensive antivirus solutions, with a focus on generating additional revenues through advanced security offerings. This is good news for network pros, whether they are looking for a value-priced, basic security package or more innovative solutions.

Last week Symantec Corp. took it up a notch when it announced it was integrating data leakage prevention (DLP) capabilities into its gateway security product. The move supports the trend of offering a core set of anti-X functionality under its standard pricing while placing an emphasis on its premium or add-on technology, which now includes DLP and archiving, targeting those enterprise customers looking for outbound monitoring and regulatory compliance solutions. It was the kind of move that will prompt a network manager who's on the fence over whether to invest in DLP monitoring tools to jump off. And why not? Symantec's taken all the heavy lifting out of signing up for an emerging, complex technology that typically is delivered to organizations by a high-priced professional services team that will need to fiddle around with configurations for a couple of weeks. Symantec's taken a new and compelling technology, optimized it for its mail security platform, buried the details, and is helping to drive interest through simplicity and competitive pricing.

Competitors not yet integrating DLP tools into their antivirus/antispam solutions will be further relegated to commodity status and will likely attempt to undercut Symantec's pricing in hopes that outbound monitoring/blocking is not yet a priority to all organizations. But a lot of folks are betting that this sophisticated content filtering technology is top-of-mind for many networking pros who have been losing sleep over the prospect of making headlines after an internal breach of sensitive customer information. Now that the law dictates full disclosure after such a bungling, organizations are looking for answers.

At least initially there will be some controversy over where this technology best fits into the network. Following Cupertino, Calif.-based Symantec's move to add DLP to its network-based security solution, McAfee Inc. this week announced it was acquiring DLP provider Onigma Ltd. in order to offer a host-based DLP solution. The move begs the question for network managers: Is the technology best suited at the network level or at the endpoint, once more sparking the same debate that often surrounds emerging security technology. Obviously Santa Clara, Calif.-based McAfee is playing to its strengths by offering the technology, at least initially at the host (and we fully expect the company to follow up eventually with a network-based solution). McAfee's argument -- and it's a good one -- is that network-based DLP products don't provide the breadth of coverage that host-based products offer because they can't watch over the remote laptop user who's on an airplane or at Starbucks, and determine whether he's using a physical USB drive or has a printer locally attached to his machine.

On the other hand, network-based products are attractive because email is the most widely used communications channel among organization, and so vendors with gateway products are looking to combat data leakage at this level. Ultimately these vendors will build out their portfolios to include both network- and host-based solutions, and those IT professionals who don't feel a sense of urgency can certainly wait out further development of these solutions. In the meantime, prepare to see a tighter core offering of anti-X solutions offered alongside some compelling advanced security technologies aimed at providing network professionals with a tighter rein on inbound and outbound communications.

Charlotte Dunlap is an analyst for Current Analysis, which provides competitive response to vendors, users and integrators. She has more than 15 years of experience covering high-tech/security issues as a journalist and analyst. She can be reached at

Dig Deeper on Network Security Best Practices and Products

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.