We predict that the big winner of our InformationWeek Rolling Review of enterprise-class data loss prevention (DLP) suites will be companies desperate to stop the exodus of sensitive information. Symantec made an exceptionally strong first impression as the previous entry in our bakeoff, and now RSA has wowed us with its DLP suite. There's real competition here, always a great thing for IT. And we aren't even done with our testing--Trend Micro and Sophos are still on deck.
RSA gained its Data Loss Prevention Suite through its acquisition of Tablus in Q3 2007, immediately filling a major hole in its portfolio. In fact, the buy helped kick off a frenzy of acquisition activity that resulted in significant consolidation of early DLP innovators: A few months after RSA gobbled up Tablus, Symantec bought Vontu. McAfee followed suit about a year later, scooping up Reconnex.
RSA isn't resting on its acquisition laurels, though--it's clearly throwing lots of resources at the development of its DLP suite, with a particular emphasis on data classification technology, a point of pride within RSA. According to the company, a team of 12 full-time linguists and advanced semantics engineers are tasked with making RSA's data classification engine as accurate as possible across a wide range of languages and government/industry regulations. That investment appears to have paid early dividends: In December, Microsoft and RSA announced a joint venture to tightly integrate RSA's DLP suite into Active Directory Rights Management Services in Windows Server 2008. Earlier last year, Cisco announced a similar joint venture with RSA to include its data classification technology in various Cisco network, storage, and endpoint policy enforcement products.
In a fashion similar to that of Symantec, RSA has componentized its DLP suite into three core areas--Datacenter, Network, and Endpoint--all centrally managed by the DLP Enterprise Manager server. The RSA suite is mostly software based and can be installed on modest server hardware, with the exception of the Network component, which is delivered as an appliance.
We started our testing by picking apart the Datacenter module. The RSA Datacenter component is responsible for enterprise data discovery and remediation and can support an impressive array of structured and unstructured data sources and file systems.
Structured data sources that RSA can hook into include Sharepoint, Documentum, Microsoft Access, SQL and Oracle databases, and other Web 2.0 and wiki-type sites. We found the range of visibility into unstructured data sources more than adequate and generally on par with the other leaders in the DLP space, including Symantec. Unstructured data source scanning and security can be accomplished across many flavors of Unix and Windows file systems, as well across loose Microsoft Office, PDF, PST, and Zip files located on any server, storage device, or endpoint.