Last night I went to a security solutions event, BlueCoat and SourceFire were the vendor presenters. BlueCoat has a pretty cool product that is a 'hybrid web gateway' in market-speak. Basically it is a SaaS Internet filter/proxy appliance that taps the Internet habits of ~67 million users worldwide to decide what is good and what is 'badness' as the BlueCoat guy called it. There's a hilarious cartoon intro to the product online. Nice to see a company that can harness the power of humor instead of staying boring 100% of the time.
Apparently over the last 3 years BlueCoat has been building their user base for this cloud based crowd-sourcing of web traffic and then uses a combination of automated analysis, threat history, and some human analysis where needed to analyze what sites or parts of sites should be blocked. They also have a free version of the proxy software for home users called K9 that uses the same back end database/threat list:
http://www.k9webprotection.com/
The presenter shared how when he put the software on his 13 year old son's new laptop that within 2 days he heard the software make a barking sound (without warning him in advance that he had gone big brother) and then waited for the explanation. He said 1st his son threw a friend under the bus, but then did fess up.
The SourceFire preso was also interesting, some talk about security needing context and some current threat discussion. SourceFire's IDS/IPS seems to have a good product and interface, at least when compared to the only IDS/IPS I have experience with which is Cisco Intrusion Manager Express (IME) for which I have feelings between apathy and distaste (1).
References:
1. The head of IT at Davenport was the first person I heard use the phrase 'between apathy and distaste' speaking about how users felt about their email system before moving to Google Apps.
No comments:
Post a Comment