As email and web applications dominate enterprise infrastructure, more companies are wondering how to ensure appropriate use and reduce the risk of malicious content. Two new reports issued by Forrester Research, Inc., discuss the market trends,
client demands, and the strong offering and market strategy that distinguish McAfee products for web and email filtering. The McAfee acquisition of Secure Computing coincided with these evaluations. The twin reports examined the performance of
the McAfee products (acquired through Secure Computing) against ten other vendors and extensive criteria that reflected customer interviews and end-user inquiries. These detailed evaluations concluded that McAfee is a market leader in both web and email filtering, ranking ahead of the field in critical areas such as filtering functionality,
reputation research, customer satisfaction, and go-to-market partnerships.
Beyond examining the products as they exist today, the reports bring valuable market perspective on the features and characteristics that will matter going forward, as Web 2.0, compliance, cost-cutting, and mobile workforces require IT organizations to
optimize their security infrastructure. These are critical considerations as IT struggles to reduce costs while addressing the demands of the business.
In the past few years, the Web has become a critical social and business medium. Usage in and out of enterprises is increasingly common, and many workers require it for daily business operations.
But with the rise in popularity comes a similar rise in Internet threats, which have also evolved to leverage the Web as its primary attack vector. Malware, which traditionally spreads via spam, now primarily reaches its victims through HTTP activity. Phishing, another prominent threat, is also a Web-centric threat.1 Security and risk management (SRM) professionals are consequently turning to Web filtering - including URL filtering, antimalware, and content filtering - to protect their organizations from these Web-borne threats, allow visibility into employees' Web browsing activity,
and prevent outbound leaks of sensitive content.
But it's not just about combating the next generation of threats. Companies that have an acceptable usage policy regarding Internet browsing also find Web filtering highly useful for gaining visibility into employee Internet activity, gauging business versus non-business bandwidth consumption, and enforcing usage policies. In fact, in Forrester's 2008 security survey of 2,148 enterprises and small and medium-size businesses (SMBs), 74% of the companies we surveyed reported deploying either
passive monitoring or policy-based filtering for their Web communications.2
More specifically, security managers tell us that:
· URL filtering is no longer sufficient. Web filtering originally started out as URL filtering, and many organizations today still use nothing beyond simple URL filtering. URL filtering treats the Web and Web-borne threats in a static way. But many applications today, especially Web 2.0 applications, are virtually indistinguishable from each other when tunneled over HTTP. Deep content inspection is often the only means of telling them apart. For instance, RealMedia uses its own proprietary protocol over HTTP, and Apple QuickTime is only detectable when using real-time streaming protocol (RTSP) over HTTP.
· Data-centric control is becoming essential to companies. Applications such as Web
mail, blogs, wikis, and social networking provide an easy vehicle for content to escape the organization. Without proper monitoring and control, Web communication can become a
hotbed for information leakage. Deep content analysis and data-centric control is on many users' wish lists, yet Web filtering products that offer good data leak prevention (DLP) functionality are few and far between.
· Mobile and remote filtering are increasingly important. "Road warrior" workers today
increasingly spend time outside of the corporate boundary. Distributed organizations with
satellite offices are seeking a Web filtering approach without requiring expensive traffic backhauling. A gateway-centric architecture is ill-equipped for a dynamic or distributed environment since not all employees are guaranteed to funnel through any particular site. Alternative solutions, such as cloud-based filtering or a hybrid premise- and cloud-based deployment, allow branch office and mobile workers to access the Internet directly but at the same time permit the corporation to retain centralized policy management.
