Clearswift Reduces Web-based Data Loss with Updated Appliance

Full HTTPS content analysis, new reverse proxy deployment option

• By James E. Powell
• 02/22/2008

Clearswift (http://www.clearswift.com) has improved its Web security and data loss prevention features by adding full HTTPS content analysis to its MIMEsweeper Web appliance. Also new in this release is reverse proxy deployment to protect Web servers from malware and other inappropriate content.

According to Alyn Hockey, technical director at Clearswift, the new version “significantly strengthens organizations’ protection against both internal and external threats. With high-profile data breaches dominating the headlines recently, companies need [to] ensure they’re securing all data communication transfers and taking every precaution to prevent data loss.”

HTTPS content analysis allows administrators to apply MIMEsweeper’s content analysis and malware controls (including anti-virus, anti-spyware, file decomposition, and lexical analysis) to HTTPS-encrypted traffic, keeping malicious code and other threats from the Web out of the enterprise. The feature stops encrypted Web traffic from hiding confidential information that can be snatched through SSL connections to Web 2.0 services or other encrypted traffic Internet sites using HTTPS.

The HTTPS option also helps an enterprise exclude Web traffic routes in which inspection could expose an employee’s personal information. For example, administrators can create a rule that excludes specific sites (such as an online banking application) from content scanning but enforces malware scanning.

MIMEsweeper’s reverse proxy feature enables policy-based content security proxy to protect Web servers from malicious or inappropriate file uploads. Organizations can use the feature to can apply full content control policies to any type of upload, including uploads to Outlook Web Access servers.

Hockey notes that the reverse proxy can be used to protect intranet servers as well. “For example, a university could deploy the Web appliance in reverse proxy mode to protect their intranet Web servers from any dubious or malicious content posted to these Web servers by students into forums, blogs, or wikis.”

To help organizations that must adhere to regulations and country-specific data privacy laws and protect confidential and personally identifiable information, MIMEsweeper Web appliance now allows administrators to configure and manage policies for e-mail and Web traffic from a single location and across appliances from the Web appliance console. Furthermore, because the appliance protects against all threats in a single box, IT staff can efficiently manage multiple systems.