Asia's Source for Enterprise Network Knowledge

Sunday, April 20th, 2014

Secure data storage

Symantec melds DLP, archiving into information risk management

Symantec Corp. delivered data leakage prevention (DLP) and email and archiving product announcements inside an information risk management (IRM) wrapper. Analysts say it's not only good marketing, but also a convincing message as enterprises move to data-centric security policies and practices.

'You could say that this is just three different products they are packaging together, but companies are starting to buy in this way,' said Jon Oltsik, senior analyst at Enterprise Strategy Group Inc. 'They're starting to look at the information assets and buy around it, versus the old way of buying security products for the infrastructure and leaving the information to other people.'

The strategy is aimed at integrating Symantec's strong portfolio of tools, both conceptually under the IRM umbrella, and literally, protecting and managing data across a range of formats and channels. The process took a step ahead last year, integrating their email security products with the Enterprise Vault archiving solution, so email can be processed, classified and stored for easy discovery and retrieval.

The announcement was made a day before Symantec said it would acquire MessageLabs in a $695 million deal. The company said it would offer MessageLabs' Web security and instant messaging protection as a service.

As part of its new risk management strategy, Symantec is using its own technologies and those it acquired from Brightmail Inc. and Vontu Inc. The former Altiris management platform is gradually enabling tight product integration and central management.

'It's more than simply positioning,' said Angelos Kottas, manager of message security marketing at Symantec. 'It's increasingly difficult and expensive to manage information in your enterprise. We're providing a roadmap for how customers implement information risk management. We have various pieces in place today and plans for various additional pieces over time,' Kottas said

The product announcements focused on new releases of Symantec's email products, rechristened Symantec Brightmail Gateway -- bowing to Brightmail's persistently strong brand recognition -- and Symantec Data Loss Prevention (formerly Vontu).

The email gateway features enhanced reputation filtering, building up its global reputation filtering capabilities -- through investment in infrastructure rather than new technologies -- and detecting distributed low-volume spamming systems and legitimate machines that have been compromised to pump out spam. The new release also speeds response time through dynamic DNS lookups.

In addition, Brightmail Gateway now features resource allocation, which is basically traffic throttling to give priority to known good sources and slow suspected sources to a trickle.

The DLP product now provides an intelligent agent that allows enterprises to enforce information control policies for computers that are off the corporate network and report back when they come back on. According to Jennifer Ellard, Symantec's senior product marketing manager of data loss prevention, a new Symantec study shows that while only 5% of data loss incidents are malicious, that percentage, not surprisingly, goes up when laptops are off the LAN, when employees think no one is watching.

SearchSecurity radio:

This version also uses Altiris technology to deploy and manage DLP endpoint agents. Ellard conceded that many installations were stuck in the pilot stage because of weak deployment capabilities.

ESG's Oltsik thinks that Symantec has a sound approach.

'It's about holistic, discovery, classification and policies more than just tools,' he said. 'You're not going to get a lot of people who overnight just move to that kind of architecture, that kind of strategy. Symantec is sowing seeds here. If the strategy seems like good idea, then they may get some of the product sales. If the product is good, they may get some of the strategic and architectural sales down the line.'