Code Green Appliance Provides DLP Basics

eWEEK Labs' tests show that the CI-750 is an affordable solution for SMBs and workgroups, but it's lacking in management granularity and its Web interface is sluggish.

Code Green's CI-750 provides affordable data loss prevention capabilities for SMBs and workgroups, but companies may end up paying a high cost for the savings.

Code Green's DLP appliance now uses algorithms to automatically identify various kinds of documents, including resumes and contracts; integrates with Microsoft Active Directory; and adds new policies to monitor for health care data.

For smaller organizations and branch offices that need to ease into a DLP tool without dropping a ton of cash, the CI-750 (and its big brother, the CI-1500) is worth considering. You won't get the bells, whistles, capacity or finesse that enterprise providers offer (including Symantec, which acquired Vontu in December 2007, or RSA, which acquired Tablus in August 2007), but the CI-750 did a good job in eWEEK Labs' tests of identifying sensitive information in Web e-mail, file transfers and file shares.

eWEEK Labs takes the CI-750 for a test run. Check out the images.

The CI-750 starts at $10,000 and is designed for as many as 250 networked users; the CI-1500 starts at $25,000 and can accommodate up to 25,000 networked users. Code Green also makes an endpoint DLP agent.

One major concern that arose during my tests of the CI-750 (all reviewed features apply to the CI-1500, which differs only in capacity) was that protected data was displayed in the clear on the management terminal. This puts IT staffs in the position of seeing protected data to which they might not normally have access. A Code Green official told me that data masking was in the works as an enhancement request.

eWEEK's Channel Labs also put Code Green's CI-750 through its paces. See what they found.

The CI-750 also leaves something to be desired when it comes to user management. While it's possible to create user groups, it's not possible to change the rights assigned to those groups. For example, I wanted to create a restricted user group so that administrators could see that a policy violation had occurred but wouldn't be shown the actual detailed information. That's not possible in this version of the product.