Endpoint Web Security
3 views
Skip to first unread message
Ryan Behan
Sep 7, 2010, 8:41:55 PM9/7/10
to Long Island Information Security Group
All,
I hope everyone's summer has been great and no issues with the
infrastructure or your own property from the Earl. I'm curious about
opinions/suggestions about securing the endpoint with regards to web/
protocol filtering/auditing. I came to an unfortunate stand still
with the Websense product suites they offer. The design forces the
host agent to check back with a policy server for ever URL accessed
and depending on the Internet connection the endpoint has can hinder
performance. This is great for exacting change immediately for all
those under a specific policy however a caching strategy would
increase performance greatly.
I hope everyone's summer has been great and no issues with the
infrastructure or your own property from the Earl. I'm curious about
opinions/suggestions about securing the endpoint with regards to web/
protocol filtering/auditing. I came to an unfortunate stand still
with the Websense product suites they offer. The design forces the
host agent to check back with a policy server for ever URL accessed
and depending on the Internet connection the endpoint has can hinder
performance. This is great for exacting change immediately for all
those under a specific policy however a caching strategy would
increase performance greatly.
Ryan Behan
Sep 7, 2010, 8:49:23 PM9/7/10
to Long Island Information Security Group
I didn't get to finish the paragraph... trigger finger ;).
Another issue with the product was if you whitelisted something, the
agent still checked back with the policy server to see if it was
whitelisted, again no caching here, the entire system seems completely
synchronous. I started reading about Intel/McAfee's Site Advisor
Enterprise Plus, anyone have positive experience with this product?
How about newer Forefront offerings?
-Ryan
Another issue with the product was if you whitelisted something, the
agent still checked back with the policy server to see if it was
whitelisted, again no caching here, the entire system seems completely
synchronous. I started reading about Intel/McAfee's Site Advisor
Enterprise Plus, anyone have positive experience with this product?
How about newer Forefront offerings?
-Ryan
Dan Guido
Sep 8, 2010, 9:03:18 PM9/8/10
to Ryan Behan, Long Island Information Security Group, nyc-i...@googlegroups.com
Crossposting this to NYC-infosec. Any takers?
--
Dan Guido
Reply all
Reply to author
Forward
0 new messages