Websense Unifies Cloud, On-Premises Security Management

As security vendors have added cloud-based services to their portfolios, there have been ongoing discussions about how best to combine these services with on-premises security products. 

While many vendors offer both delivery models, Websense took it a step further Feb. 9 with a new platform that integrates data loss prevention, secure Web gateway and e-mail security while allowing users to manage the company's on-premises and cloud security offerings through a single console.

Websense calls this new unifying architecture Triton. Triton's ACE (Advanced Classification Engine) provides a real-time threat analysis infrastructure and employs URL filtering, anti-virus protection, reputation services, data fingerprinting and other analytic functions to classify outbound and inbound content.

ACE is powered by Websense's ThreatSeeker Network, the global network the company uses to analyze security threats. But arguably the biggest part of Triton is TruHybrid, a policy management and reporting infrastructure that spans Websense's on-premises, SAAS (security as a service) and hybrid deployment models. Through Triton, organizations can set policy from a single console to govern remote workers and geographically dispersed office environments.

"With this architecture, you don't have to choose [between cloud or on-premises approaches]—you can decide what best fits the organization today," said Devin Redmond, vice president of product management at Websense.

Right now, the Triton system is managed on-site and supports Websense's Web security and data loss prevention technology. Management for e-mail security is coming later in 2010, according to the company.

Forrester Research analyst Chenxi Wang said Websense is taking a good step forward with Triton, but suggested Triton might do better if it lived in the cloud and offered "access from anywhere."

Wang told eWEEK, "I think integration across data, e-mail and Web is the direction the industry is moving toward. Websense's Triton made a good stride in that direction and certainly is ahead of most of the industry."

IDC analyst Brian Burke noted that the Web has become the primary vector of attack by which cyber-criminals launch malware to infect users and businesses, requiring security vendors to take a comprehensive approach.

"To be effective against today's modern threats, Web security technologies must have robust data loss prevention and be capable of maintaining compliance and control by analyzing inbound and outbound Web traffic in real time, and must also provide a unified platform for [on-premises] and SAAS solutions so security policies can be applied and enforced equally across even dispersed enterprises," Burke said in a statement.

Triton is currently available to qualified organizations as part of an early adopter program. It is slated to be generally available for all customers by April.