Websense integrated security system aims to simplify security management

Websense Inc. has announced its new integrated security system, dubbed Triton. The product combines Web content filtering, email security and data leakage prevention into one console.

Seeking to transform itself from a niche Web content filtering specialist into a broader security vendor capable of handling Web and email security and data leakage prevention (DLP), Websense Inc. has unveiled a new integrated architecture that it says will help organisations manage security more efficiently.

The new Triton architecture aims to unite email and Web security management under the control of a single console, while allowing policy to be enforced regardless of whether users are located in company headquarters, remote offices or out on the road.

The vendor says Triton is the result of three years of work, during which it has pulled together and integrated technologies from its various acquisitions. In January 2007, Websense bought PortAuthority Technologies Inc., a DLP specialist. Three months later, it acquired SurfControl plc, a British Web content filtering company, for more than £200 million. Although Websense and SurfControl had similar main offerings, SurfControl had recently acquired BlackSpider Technologies Ltd., which specialised in cloud-based email filtering.

Triton brings the various elements of those companies together, and according to Websense, will make it easier for companies to control the threat of Web- or email-based incoming content while preventing the leakage of sensitive information. By supporting a combination of in-house appliances or software and a cloud-based service, the Triton monitor will be able to enforce policy for all users, whether they are inside or outside the corporate firewall.

More on Web content filtering

How well do content filtering tools limit network traffic?

How to clear out anonymous Web proxy servers in the workplace

Email filtering tools and techniques

Mark Murtagh, technical director of Websense, said that bringing Web and email management under a single umbrella would make it easier for its enterprise customers to defend against blended threats and to analyse the content of incoming mail and Web traffic more efficiently.

He said the Websense product allows customers to reduce the number of physical devices they need to manage. "Traditionally, customers using secure Web gateways have had to layer in Web proxies, antivirus and other solutions they bolt together. That typically means quite a few boxes to manage in the data centre," Murtagh said. "They have also had to use several management consoles to do proxy management, secure Web gateway management, URL management, DLP management and reporting. Triton lets them manage that from one place. They reduce the cost and complexity of their architecture to start with and it is easier for them to manage, with better reporting."

Triton will also support a combination of in-premise and cloud-based security from the single console, Murtagh said, rather than having a separate console for each service.

"The customer builds the policy and the Triton architecture handles all the back-end replication, the correlation of logs," he said. "The customer sees one view, and it protects employees whether they are in the office or travelling around the world."

The first release of Triton will be in April 2010, although full support for email management will follow around June 2010.

Industry servers agreed that Websense has done the right thing by focusing on a product strategy that simplifies security management.

"I think Triton represents a fairly significant advance in the way security is managed," said Mike Osterman of Washington-based Osterman Research. "It also reduces the cost of security and allows policies to be managed corporate-wide from a single place. It is particularly important for distributed companies, where you need to enforce security in branch offices."

Bob Tarzey, a director at Windsor-based research firm Quocirca Ltd., said that Websense is meeting a growing demand.

"Companies need to address total content security, including Web and email traffic, and how content is used internally and out on endpoints. It also has to be a hybrid of on-premise and cloud-based service," he said. "Content security in the twenty-first century is something you have to address both inside and outside the firewall."

But Tarzey pointed out that many other vendors have also been building out their own offerings by acquiring cloud-based services. For instance, Symantec Corp. acquired MessageLabs; Cisco Systems Inc. bought ScanSafe Inc., and McAfee Inc. acquired MX Logic Inc. "It's the way the industry is going; a whole wave of vendors are doing the same thing," he said.

Read more on Application security and coding requirements