Perhaps malware protection belongs both at the perimeter and the endpoint, but content protection belongs at the perimeter. Content filtering at the endpoint is, at best, a luxury. With perimeter content filtering, reporting and analysis become vastly simpler because all the data is collected at one point. I'm willing to bet that D.C. did no central collection and reporting on their WebSense data. Updating also becomes much easier and more reliable with a perimeter solution, since only one -- or a small number in any case -- of systems need to be updated. Pushing out updates to 30,000 systems is always a tough job. Some security solutions brag about the frequency of their updates.Originally, because of COPA (the Children's Online Protection Act), the first big movement in the market came from K-12 schools. It's 40 percent of their installed base and Lochart argues that the market is just about 100 percent penetrated because of legal mandates. He also says it's almost entirely perimeter protection. The corporate market is only about 60 percent - 70 percent protected, and I think we can guess that governments are at best no better. But different legal issues are growing the market, mostly in the form of lawsuits by employees over a hostile workplace. I can't imagine a company these days so unaware of these issues that they would tolerate porno surfing by employees. Such companies deserve what they get. And we're probably at the point where it's dangerous not to have effective -- meaning perimeter-based -- content filtering. At least you could show that you tried. I guess I have to point out that the numbers in the Washington Post story, of 19,000 and 39,000 views, are probably exaggerations. It would seem from them that these workers did little else but look at dirty pictures, but I suspect limitations in the WebSense software (or a desire by District officials to overstate) resulted in one page view showing up as multiple clicks. Often, such sites will open up multiple popup windows, for example (so I've heard; of course I've never seen it myself...). So did they surf porn 84 times a day or just 25? Close enough for government work I guess. Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. For insights on security coverage around the Web, take a look at eWEEK.com Security Center Editor Larry Seltzer's blog Cheap Hack
I spoke with Andrew Lochart, vice president of marketing and product management at St. Bernard, who, like WebSense, has products in the enterprise content filtering space. He argues that the drive behind these products has always been from legal issues.