Vontu 7 covers your end point
On top of end point monitoring, new version adds configurable dashboards, database encryption
Information leak prevention solutions have evolved predictably. First, they identified, and then blocked, sensitive data moving around your networks. Next, the cycle repeated with information resting in data repositories. The latest installment safeguards data at end points. This is especially important for mobile workforces with sensitive files residing on laptops and other portable devices; if the unit is stolen or otherwise compromised, data loss is clearly a major problem.
[ Vontuwas selected for an InfoWorld Technology of the Year award. See the slideshow to view all winners in the security category. ]
When InfoWorld last reviewed Vontu, Version 5 was at the midpoint of this cycle, offering full network coverage and the capability of discovering sensitive information in file systems, database, and e-mail archives. Vontu 6 included data-at-rest protection for these repositories. Now, with the introduction of Vontu Endpoint Monitor (which checks for sensitive data on removable media, USB devices, iPods, external drives, and data downloads), Vontu 7 is a near-total solution for guarding confidential customer and company information.
Other leak-prevention products block at the end point, such as prohibiting files from being copied to external devices. Version 8 will include this feature, according to Vontu. Otherwise, there's enough solidity in Vontu 7 to make it a prime choice for financial institutions, manufacturers, technology companies, and retailers.
Eye on the data prize
Vontu Enforce is the glue of Vontu 7. This server provides centralized policy management, unified reporting of incidents from the five monitoring and prevention modules, automated policy enforcement, and remediation workflow.
Click for larger view.
I started testing Vontu 7 at the Vontu Enforce Web console by fingerprinting a text file with 1 million rows of customer names and associated Social Security numbers -- a process called EDM (Exact Data Matching), the first of the three underlying detection technologies. Additionally, I registered content from several SQL Server databases.