Code Green's CI-750 content inspection appliance aims to prevent data loss for businesses with as many as 250 network users. It sits between corporate networks and the Internet and actively monitors traffic for confidential customer data or intellectual property. Leaks are reported and, in some cases, may be blocked.
Code Green Networks targets small and midsize enterprises. It provides capabilities similar to those found in other data loss prevention products from companies such as Vericept and Vontu (recently acquired by Symantec) for a fraction of the price.
The CI-750 includes an array of content inspection methods while still being simple to use. Be prepared, however, to get your hands dirty with some basic scripting if you wish to filter unconventional data sources, such as internal wiki pages or svn code repositories. Third-party products are required to block Web and network traffic, and laptops can be problematic.
Few small and midsize enterprises can absorb both the financial and PR damage inflicted by serious breaches targeting sensitive data. And yet, they're often underprotected because data leak prevention products are, overall, simply too expensive. The three entries in our most recent DLP review ranged from $25,000 to $50,000—to start. So it's unfortunate that there's been a significant upswing in cybercrime after a steady five-year decline, according to the 2007 CSI Computer Crime and Security Survey. Insider abuse of network assets is the most prevalent attack, ahead even of viruses, with average losses of around $350,000.
NEWS | REVIEWS | BLOGS | FORUMS TUTORIALS | STRATEGY | MORE
Code Green Networks, which was launched by the founders of SonicWall, aims to tackle this problem. Code Green's newest offering, the CI-750 Content Inspection Appliance, is geared specifically for networks with 250 or fewer users and offers the same features and functionality as its higher-end products, starting at $10,000.
The CI-750 uses "fingerprints" to identify both structured data, such as social security or credit card numbers, and unstructured data like documents, files, source code and so on. Where many DLP products for smaller businesses rely on filtering for certain file types or provide only basic keyword or pattern matching, Code Green's technology creates hash values of the actual data to be protected and scans outgoing traffic for matches.
We found Code Green's fingerprinting technology accurate, and a built-in MTA (mail transfer agent) lets administrators quarantine SMTP traffic that contains sensitive information. However, without the help of third-party proxies, the appliance is blind to encrypted data, and it can't stop inter-network or Web-based traffic. This means the appliance represents only part of the actual cost of a robust DLP system.