Core Processor Adds Content Inspection to Network Security
So Enhanced Software Products became the first core processor to deploy a data content inspection appliance from Code Green Networks of Sunnyvale, Calif.
The Spokane-based core processor is using the company's CI-750 device to secure against data loss and added the ProxySG 210 appliance from Blue Coat Systems, also of Sunnyvale, to block external attacks and optimize WAN access for remote users.
The new solution was deployed as much to protect against any problem data traffic from member credit unions as anything internal.
"We have a very secure data center, but our team realized that it was possible for our customers' employees to transmit financial information via unsecured Web mail and other means," said Matt Lefler, ESP vice president.
"We read up on other solutions but were especially interested in how the Code Green appliance used data fingerprinting and other data classification methods that went beyond just blocking e-mail," Lefler said.
He also cited the predefined policies and document classes and industry-specific lexicons and dictionaries.
"We like that we can define alert policies based on the nature of the incident," Lefler said. "If it's a certain level, the e-mail goes to the department head. If it's more serious it might go to the department head and the technical staff and maybe senior management."
ESP is primarily using the device's database fingerprinting technology, although it also supports other types of inspection and classification.
"We use Code Green to fingerprint the sensitive data on our network and prevent it from leaving the building in an electronic format, whether through internal e-mail, FTP or even Web mail," said Michael Kleinpaste, technical support manager at ESP.
He said the Blue Coat appliance is used primarily as an external gatekeeper but also for some content filtering. "It allows us to prioritize data traffic so tertiary services such as e-mail or Web browsing don't slow down our core products," Kleinpaste said.
Another factor in the system's selection was its ability to require minimal training and disruption at client credit unions.
"We were able to set up the new equipment alongside our network without bringing anything down, and we swapped a couple cables after hours to redirect the data traffic," Kleinpaste said.
Rod Murchison, vice president of marketing and strategic alliances, at Code Green, declined to say how many clients are using the CI-750 but did say about 75% of its sales are to credit unions.
"The Code Green deployment was a perfect fit based on their technical requirements and our presence in the credit union market," Murchison said. "We were able to deploy the Code Green TrueDLP solution within two days and immediately began identifying and remediating security issues."
The first test was for one of the most flagrant red flags-a Social Security number.
"We were able to start testing immediately with a simple SQL query and a test database. We sent out a sample document that contained a phony Social Security number, and the Code Green system immediately alerted us," Kleinpaste said.
ESP is now considering expanding the reach of its new security system. For instance, currently only files are encrypted in outgoing e-mails, not the outbound e-mails themselves. The core processor is considering adopting ZixCorp's encryption key service since it can be automatically integrated with Code Green.
"At this point, we know that the Code Green solution will do a lot more than we're using it for, but we expect to use more of its capabilities as we go along and evaluate the need for them," said Lefler.