Likewise, I created Favorites -- reports of, say, personal use and employment-related messages. Yet where this solution hits
a home run is through custom searches, which are also simple to build with droplets. A few of the tests I ran identified employees
who sent potentially harassing e-mail; found messages sent to a competitor's domain, and by whom; located messages to top
investors; and determined top external domains sending employment information to employees. All reports can be run on a schedule
and contents e-mailed to you.
InBoxer got a lot of recognition after the brilliant move of processing all Enron e-mails and making them publicly searchable
with an Anti-Risk Appliance. Marketing aside, the substance behind that exercise can help any organization avoid fines and
reduce risk. This solution's well-done e-mail archiving and searching, plus real-time policy management alerts, makes it fast
and easy to stay in compliance and conduct investigations.
MessageGate Enterprise Email Governance 4.2.1
MessageGate's product takes a very sensible approach to this specific, albeit biggest, insider data-leak conduit. After operating
in passive mode that captures all e-mail communications, you develop policies specific to your organization's culture and
any problems uncovered. Also, unlike the other three products, MessageGate is a software solution with multiple components
that you implement as needed. Besides flexibility, its distributed architecture is very scalable; a minimal three-server setup
handles about 250,000 messages a day.
At this solution's hub you'll find CORE (Console, Operations, and Reporting Engine) delivering Web-user interface and managing
the remaining components. These pieces include a Message Adapter, for intercepting messages from your mail server; Message
Analysis Service, which evaluates evidence provided by the adapter and then processes the necessary policy; and a Mailout
component, for placing messages back into the mail stream after they're processed. (SenderConfirm's a standalone application
based on the main policy enforcement engine; it flags e-mails that are out of compliance, notifies the sender, and lets the
person either send or delete the message).
Although there are potentially several applications to install, my experience indicates MessageGate can be running in a day
and generating assessment reports. Here you get a high-level view of e-mail activities, such as who sends the most messages
and what type of files are attached.
After reviewing this scorecard, I was off to the Web console creating policies. Although policies can get extremely complex,
there's noting involved in using the Policy Builder. Starting with basic routing (inbound, outbound, or internal messages),
I quickly layered on criteria, like removing attachments of a certain file format that were not password protected.
I particularly liked the completeness of these actions (16 in total), which range from sending a confirmation notification
to the originator and adding a disclaimer to placing the suspect e-mail in a review queue. Another nice touch is Enterprise
Email Governance's policy test mode; this feature let me run real messages through a policy to make sure it's working right
without actually invoking actions.
The software improves detection accuracy through dictionaries, where you enter specific terms or create regular expressions
for, say, matching social security or bank routing numbers. Further, you can register content in text files and have MessageGate
refresh this information on set schedule. That said, the system doesn't crawl document libraries, databases, or content repositories.
 |
| The Bottom Line |
Code Green Networks Content Inspection Appliance 1500
Code Green Networks, codegreennetworks.com
|
 Excellent 8.8 |
|
| criteria |
score |
weight |
| Accuracy |
9 |
20% |
 |
| Ease-of-use |
9 |
20% |
|
| Features |
9 |
20% |
|
| Performance |
9 |
20% |
|
| Scalability |
8 |
10% |
|
| Value |
8 |
10% |
|
|
|
Cost:
Starts at $25,000 for 250 users
Platforms:
2U appliance running tuned and hardened Linux OS
Bottom Line:
The CI-1500, appropriate for midsize organizations and government agencies, monitors communications, discovers data leaks,
and automatically enforces policies. Predefined policy templates and wizards get the content inspection appliance set up and
protecting networks in a day. It monitors widely used TCP protocols, while a built-in mail transfer agent blocks or reroutes
messages. Incident management, workflow, and auditing complete this solution.
|
|
About our Reviews and Scoring Methodology
|
|
|
| The Bottom Line |
InBoxer Anti-Risk Appliance
InBoxer, inboxer.com
|
| Very Good 8.5 |
|
| criteria |
score |
weight |
| Accuracy |
9 |
20% |
|
| Ease-of-use |
9 |
20% |
|
| Features |
8 |
20% |
|
| Performance |
8 |
20% |
|
| Scalability |
8 |
10% |
|
| Value |
9 |
10% |
|
|
|
Cost:
Starts at $4,995 for 100 users and about $25,000 for 2,500 users
Platforms:
1U Linux-based appliance
Bottom Line:
InBoxer's affordable Anti-Risk Appliance scans inbound, outbound, and internal messages for various privacy violations. The
system uses sophisticated language models (based on speech recognition) to score messages -- and then invokes rules based
on the score. The system also excels at real-time reporting and customized dashboards, which shorten investigations; additionally,
InBoxer stores messages for historical search. However, there's no blocking capability.
|
|
About our Reviews and Scoring Methodology
|
|
|
| The Bottom Line |
MessageGate Enterprise Email Governance 4.2.1
MessageGate, messagegate.com
|
| Very Good 8.6 |
|
| criteria |
score |
weight |
| Accuracy |
8 |
20% |
|
| Ease-of-use |
9 |
20% |
|
| Features |
8 |
20% |
|
| Performance |
9 |
20% |
|
| Scalability |
9 |
10% |
|
| Value |
9 |
10% |
|
|
|
Cost:
Between $10 and $45 per seat, depending on deployment options; SenderConfirm is $10,000 for as many as 1,000 mailboxes.
Platforms:
Solaris 9 or 10, Red Hat Linux, Windows Server 2003 or Windows 2000 Server; MySQL, DB2, or Oracle 9 databases.
Bottom Line:
MessageGate's modular solution lets you create usage policies, install a message adapter on your e-mail server, analyze messages
against polices, and then act appropriately (such as placing a hold on messages). Most significant, this system applies archiving
policies and tags to messages before they enter your message vault -- which helps reduce storage space and also e-mail discovery
and investigation costs.
|
|
About our Reviews and Scoring Methodology
|
|
|
| The Bottom Line |
Palisade PacketSure 5.5
Palisade Systems, palisadesys.com
|
| Very Good 8.5 |
|
| criteria |
score |
weight |
| Accuracy |
9 |
20% |
|
| Ease-of-use |
8 |
20% |
|
| Features |
9 |
20% |
|
| Performance |
8 |
20% |
|
| Scalability |
9 |
10% |
|
| Value |
8 |
10% |
|
|
|
Cost:
$4,000 to $250,000, depending on the size of the organization and included features
Platforms:
1U Linux-based appliance
Bottom Line:
PacketSure, a network appliance, monitors TCP and UDP traffic passively or inline. The system performs deep packet inspection
and will block or encrypt traffic at the network edge. The default 140 signature rules can be customized with keyword matching
or extended using regular expressions. Content analysis add-ons match specific information in databases and files, such as
credit card or private healthcare data.
|
|
About our Reviews and Scoring Methodology
|
|
Talkback
E-mail
Printer Friendly
Reprints
