iSheriff Cloud Security
Back in the day we could define an enterprise fairly easily. There were computers serving as workstations, some serving as various types of servers, there was a defined perimeter with a firewall and maybe an IPS, and if there was an external subnet - such as an online banking frontend - it was safely tucked away in a DMZ behind a firewall. Security management was easy then.
Typically, we saw anti-malware, web security, an email gateway that blocked email-borne malware and some other little goodies that protected some specialised parts of the network, an FTP server or DNS for example. We knew where the network was and we knew what the perimeter was. We also knew who was allowed inside the perimeter. Not so today.
Today we have virtual systems, cloud computing, some discrete hardware and virtually no solid perimeter. How do you secure that? iSheriff has the answer. iSheriff is one of a flock of vendors that are trying to use the cloud to protect the data centre back down on Earth. And it is doing an admirable job of it. The company does it from the cloud as many similar vendors do but there are some differences - and we liked them a lot. But, before we get to the differences, a bit about the product.
The tool is deployed in the cloud. It offers anti-malware, content filtering, data leak prevention, application control, anti-spam and phishing and message archiving. It is based in 35 data centres around the world and it sits on a private backbone network, not the internet. You can create policies around data sources, devices and users. The client is lightweight when deployed, but if a particular service is needed, it can be added directly from the cloud.
The policy engine is straightforward. Policies are easy to deploy and web filters are equally simple. Like most similar products, iSheriff has drill down. However, this drill down seems to go on forever. The amount of data that you can get as you analyse is amazing. One excellent application for the drill down is forensic analysis. There is enough information to conduct a full investigation and provide the entire audit trail needed to make your case.
There are a variety of dashboards available. Within the general functions - email, web, malware - there are individual dashboards that supply the big picture. For example, for the web security functionality there are dashboards for an overview (blocked viruses and spyware, malicious sites blocked and policies triggered), web traffic overview, application overview, social media overview, data leakage overview, as well as web tools. All of these, of course, have multiple layers of drill down to analyse top-level reporting.
The endpoint summary focuses on malware. The reporting is extensive and iSheriff uses an interesting combination of its own anti-malware and BitDefender: iSheriff's own product focuses on signatures, while BitDefender adds heuristics and zero-day analysis. Interestingly, this combination has put iSheriff near the top of the heap - above 95 percent reactive and more than 90 percent proactive, the top score in the bunch - significantly ahead of vendors with far more recognisable names.
The price for this one is reasonable and deployment is simple, making overall cost of ownership pretty good. In keeping with the current trend iSheriff has a good Big Data engine. Typically, the term "Big Data" is rather hype-laden. Not in this case. True Big Data is data with high volume, high velocity and high variety, sometimes called the "3 Vs." IBM adds a fourth V: veracity. For our purposes, we need all four - and iSheriff delivers. Adding veracity gives us the excellent forensics this product provides in an environment that is like drinking from a fire hose.
Finally, we liked the attention to detail. For example, when triggering on a Social Security number or credit card number in the data leakage prevention functionality, all of the calculations are done. Simple regular expression (regex) never is depended on alone. Similarly, file analysis does not depend on file extension. Every file is identified based on header information. These two approaches significantly limit false positives.
All of that said, iSheriff offers a really viable alternative to host-based security management. The idea of managing the security of an on-premises data centre from the cloud is not new. But these folks really have the right recipe and this tool will cook up a secure data protection scheme every time.
At a glance
Product iSheriff Cloud Security
Price Base price £19/user/year.
What it does Integrated security management tool deployed in the cloud.
What we liked Simplicity, comprehensive web, endpoint and email protection for mixed environment (virtual, physical and mobile).