Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Latest News
    • Networking

    Packetsure Learns by Example

    By
    Michael Caton
    -
    September 12, 2005
    Share
    Facebook
    Twitter
    Linkedin

      Palisade Systems Inc.s Packetsure 4.1 with content Surety puts a new spin on e-mail security by learning what constitutes unacceptable e-mail through example sets.

      Click here to read the full review of Packetsure 4.1.

      2

      Palisade Systems Inc.s Packetsure 4.1 with content Surety puts a new spin on e-mail security by learning what constitutes unacceptable e-mail through example sets.

      The PacketSure platform began shipping at the end of June and is priced on a per-user basis, starting at $15,000 for a 500-user license. eWEEK Labs tests show that the appliance-based PacketSure does a good job monitoring for and blocking suspicious message-based content. PacketSure uses TCP and UDP (User Datagram Protocol) packet inspection and broadly monitors user behavior, allowing administrators to prevent users from visiting certain Web sites, using file-sharing applications such as BitTorrent or running Windows file sharing.

      During tests, eWEEK Labs could either use sample documents and files—Content Learning—or write rules—Content Matching—to catch communications that might violate a company policy. Even with both these outlets, however, we still needed to exert considerable effort in tuning the system to cut down on false positives. The amount of time dedicated to tuning should decrease over time, though.

      This leads to a glaring omission in the product: PacketSure lacks a quarantine mechanism for storing, reviewing and releasing messages that trigger a policy, so it wont be a good fit for companies that need to actively monitor communications for compliance purposes. But companies looking for a way to prevent the transmission of intellectual property and secure data such as Social Security numbers, as well as to block unauthorized public instant messaging and e-mail applications, will find PacketSure to be a useful tool.

      /zimages/2/28571.gifRead more here about e-mail management and security.

      The packetsure with content Surety system is actually two appliances. The PacketSure appliance, which can run in either passive or in-line mode and would likely be placed in a network DMZ, does the actual policy enforcement. The MCDR (Master Content Description Repository) appliance sits inside the firewall and holds all relevant policies.

      We think this is a good design because it allows companies to use specific data, such as customer numbers, to build policy on the MCDR appliance, but it keeps that data safe by passing only hashes of it to the PacketSure appliance.

      The Content Surety part of the system comprises the Content Learning and Content Matching features, as well as Windows-based CS Monitor and CS Agent applications for creating and managing policies. Using CS Agent, we built policies based on files we determined to be inappropriate for sharing.

      We appreciated how simple it was to build these policies, especially given that users with compliance responsibilities (and not necessarily IT skills) will have to use the tool to build policies. Building a policy was as simple as designating files in a directory structure, creating a policy name and designating files as either public or private. The CS Agent then processed the files to determine common characteristics and the differences between public and private files.

      We did run into one situation that warranted augmenting Content Learning with some additional document management processes. During testing, the Content Learning system couldnt learn the difference between a draft and a final document when the documents lacked specific metadata or were submitted in the same file format because the information contained in the documents was too similar.

      Once we designated documents as draft or confidential, it was much easier to build a profile that worked consistently. Even with this extra step, it was easier to use Content Learning than to use expression-based alternatives—such as SendMail Inc.s Mailstream Manager or the PacketSure platforms own CS Monitor, for that matter—because we didnt need to be as thoughtful about detailing the conditions that would constitute an exception to a policy rule.

      CS Monitor is the primary administration tool for managing communications between the PacketSure appliance and the MCDR appliance, as well as the tool with which we built expression-based policies during tests.

      We found it generally easy to manage policies. However, it wasnt as easy to manage access to—and features of—public IM applications with CS Monitor as it is with IM security applications from vendors such as IMlogic Inc. and Akonix Systems Inc.

      Like IM management systems, PacketSure can monitor file-sharing applications. Companies also can buy an optional component, Content ID (developed with Audible Magic), that can examine file sharing for content thats been copyrighted. This could be useful in allowing users to share some files using a protocol such as BitTorrent without running the risk of violating copyrights.

      Administratively, the PacketSure platform has a few weaknesses. For example, the product has a Web-based administration console, but it includes only a subset of the tools needed to fully manage the product. Administrators will need to run the CS Monitor application and compliance staff will need to run the CS Agent to get the products complete management feature set.

      Furthermore, the product lacks dedicated tools for notifying users of policy breaches, as products such as Orchestria Corp.s Active Policy Management 4.0 do (via a client-side application). However, administrators can configure PacketSure to send alerts via Windows messaging or SMTP. The PacketSure systems reporting tools are good, although the aforementioned lack of a quarantine queue is limiting.

      Next page: Evaluation Shortlist: Related Products.

      Page 3

      Akonix Systems Inc.s L7 CM5000 Appliance for managing IM and file-sharing policies (www.akonix.com)

      Clearswift Ltd.s MIMEsweeper for SMTP and MIMEsweeper for Web Appliance-based policy enforcement for e-mail and the Web (www.clearswift.com)

      Orchestrias Active Policy Management Flexible e-mail and Web monitoring application requires end-user application (www.orchestria.com)

      Sendmails Mailstream Manager Gateway application for monitoring e-mail for compliance (www.sendmail.com)

      Technical Analyst Michael Caton can be reached at michael_caton@ziffdavis.com.

      Check out eWEEK.coms for more on IM and other collaboration technologies.

      Michael Caton
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.
      Get the Free Newsletter!
      Subscribe to Daily Tech Insider for top news, trends & analysis
      This email address is invalid.

      MOST POPULAR ARTICLES

      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Applications

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Cloud

      IGEL CEO Jed Ayres on Edge and...

      James Maguire - June 14, 2022 0
      I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Applications

      Kyndryl’s Nicolas Sekkaki on Handling AI and...

      James Maguire - November 9, 2022 0
      I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2022 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×