Websense Security Suite Lockdown Edition
January 01, 2007
- Ease of Use:
- Value for Money:
- Overall Rating:
Quality web-content filtering, suite components neatly integrated into a single management console
End-point security functions, such as removable media controls, are fairly limited in their capabilities
There'll be no more internet misuse in the workplace with Websense Enterprise behind the scenes. This complete suite adds extra levels of filtering and security functions.
Websense has always offered one of the most comprehensive web-content filtering solutions. The latest Web Security Suite - Lockdown Edition uses Websense Enterprise as a foundation and builds on this with extra capabilities and end-point security.
The suite comprises three main components, with Websense Enterprise delivering all web content filtering functions. It now includes protocol filtering capabilities, which function at the network and transport layers, allowing it to monitor and block applications such as IM, P2P and Skype. The Web Security Suite (WSS) component provides additional web-content filtering capabilities and focuses on areas such as phishing attacks, Trojans and spyware. It also has tools to stop instant messaging applications sending file attachments and can poll the Websense update servers every five minutes to automatically download and apply updates. ThreatSeeker technology is used to identify new threats and update the suite components. WSS also includes three web protection services: SiteWatcher monitors company websites for infections, BrandWatcher looks out for phishing attacks that use a company's own website as the bait, and ThreatWatcher monitors corporate websites and reports on potential security breaches.
The Lockdown Edition component tackles end-point security using a locally deployed agent. It can manage application usage and integrates with the Windows firewall, where it uses policies to determine its behaviour. The removable media lockdown facility allows you to block access to writeable devices such as USB Flash memory sticks and CD/DVD-RW drives. Remote URL filtering enforces web-browsing controls when a user is off-site, as the agent contacts the Websense server to check whether they are allowed to access a requested URL.
Websense Enterprise operates in two modes: it either integrates with existing proxy servers, firewalls and cache engines or functions in standalone mode. For the latter, it runs on a Windows or Linux server and employs packet sniffing to monitor web traffic.
All components are neatly integrated into the Websense Manager, which uses policies to determine what users can access. These contain category sets for blocked sites, with time periods that determine when they are active. Central to Websense is its master database, which currently lists around 21 million websites organised into some 90 categories. Policies are highly versatile as each can contain multiple category sets and time periods. Support for NT authentication, LDAP and Active Directory services allows policies to be easily assigned to specific users and groups, but you can also declare networks or individual IP addresses.
Protocol filtering is included in the same policies and covers a wide range of options, such as FTP, IM and chat applications plus P2P file sharing. There's not much to do here as you decide whether they are to be allowed or blocked, although you can log usage as well. Any changes to a category or protocol set will be automatically propagated across all policies that use them. Users who try to access a banned site can have a customisable warning web page thrust at them and you may decide to allow access if a password is entered.
Client security settings are accessed from the desktop tab in the Websense Manager. The agent can be easily deployed as an MSI package or pushed to specific users directly from the console. You can decide what sets of applications are to be allowed or denied. Once again, policies make light work of configuration and these contain information on custom firewall rules, application sets and removable media controls. For the latter you decide whether to block all removable media from being mounted or only writeable media. You can't fine-tune this to be applied to specific ports as you simply select a user, group or network from the list and apply a complete lockdown.
Reporting needs to be good, and Websense Reporter offers a wealth of tools for keeping track of internet usage. It presents a secure web portal, and a new feature is the ability to limit the size of the SQL database by closing it down and creating a new one after a specific interval for quicker searches and report generation.
Despite the extensive range of features, we found the suite very easy to use as everything runs from a single management console. The web content filtering has impeccable credentials and although some of the additional components don't have the same level of features as many point solutions, they do make this a versatile security solution that looks particularly good value
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Information Security Risk Manager, £45-55k + bens
Infosec People - West Midlands, England, Coventry
SOC Analyst, Aldershot, £55-63k + benefits
Infosec People - England, Aldershot, Hampshire
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Met Police grab suspect with phone unlocked to get hold of data
- Cyber-security must reflect risk not just regulation
- Data centres are on the move - where will they end up?
- The information security implications of M&A deals
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Over 400,000 phishing sites have been detected each month in 2016
- TalkTalk customers urged to get routers swapped over hacker fears
- Report: Mirai 'is just the tip of the iceberg'
- Avalanche takedown involved searches in 40 countries
- India Supreme Court calls on tech giants to curb sexual assault, cyber-crime