By eweek  |  Posted 2006-06-12 Print this article Print

While Vontu aims to prevent the inadvertent release of personal and other regulated data, the product also has extensive capabilities for finding purposely hidden data.

For example, Vontu 6.0 examines files attached to e-mail messages or being transferred independent of the file extension.

In our tests, we collected personally identifiable data into Word documents and then changed the file extension of the documents to try to evade detection by Vontu 6.0. None of our attempts to evade detection was successful. Only one minor failure was noted when we attempted to look for "Confidential" data.
Click here to read a review of patch management solution BigFix Enterprise Suite 6.0. Vontu was able to identify when the word appeared in a document. However, when we set up Vontu so that it would also look for quotation marks before and after the word, we saw some anomalous behavior: The document would sometimes be flagged as containing protected data but still allowed to pass.

We dont see this as anything other than a minor concern, since quotation marks are almost never a piece of confidential information. In addition, Vontu worked without a hitch in all our tests that looked for dashes (inside Social Security numbers and telephone numbers) and decimals (in currency amounts).

Aside from exact matching, we also used what Vontu calls "index document matching," where free-form text is processed into Vontu 6.0 and then protected in much the same way exact data is protected. These tests were much more difficult to conduct because the percentage of a document that must be protected varies in an almost limitless way. We were able to make accurate identification of documents even when paragraphs were rearranged in the same document, but detection became more difficult when only portions of a protected document were transmitted.

We were able to access Vontu 6.0 from a Mozilla Firefox browser, but we could manage the administrator interface only when we accessed the product from Microsofts Internet Explorer browser. This was disappointing because we often use Firefoxs tabbed browsing capabilities to access a variety of management tools in our network.

Vontu 6.0 must be able to see network traffic and be integrated with compatible Web proxy and e-mail gateways to fully protect data. Aside from the practical task of making room for one more monitoring port on our Cisco Catalyst switch, we also had to ensure that the Vontu 6.0 installation integrated correctly with our test network. While Vontu 6.0 supports some of the biggest names in Web proxies and secure e-mail gateways, the list of vendors is still rather short: Cisco, Blue Coat, Guidance, IronPort, PGP and Symantec.

Next page: Evaluation Shortlist: Related Products.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel