Websense, Inc. the world's leading provider of employee Internet management (EIM) solutions, has announced general availability of Websense Enterprise Client Policy Manager (CPM), a desktop security solution that fills critical end-point gaps in today's multi-layered enterprise defense systems. CPM greatly mitigates exposure to security threats, productivity risks, and help desk challenges, delivering a powerful last line of defense to our customers. A fully functional 30-day free trial version of CPM is available for download on the company's Web site.
CPM complements firewall and antivirus (AV) solutions, bolstering the network defense grid by enabling companies to establish and enforce policies for how and when applications can be launched on corporate desktops, laptops and servers. These end-point platforms are increasingly targeted by malicious attacks, as well as so-called "zero-day" assaults that are difficult to combat because they exploit newly identified commercial software vulnerabilities before countermeasures are available and deployed.
CPM's policy-based, end-point protection enables companies to defend themselves against the top security threats identified in Websense's recently released fifth annual Harris Interactive Web @ Work study, an annual survey of employees and information technology (IT) managers that explores security and productivity issues posed by Web usage at work. Topping the list of threats was spyware, a type of eavesdropping code that employees can unwittingly introduce into the enterprise when visiting Web sites or using peer-to-peer (P2P) file sharing programs on their desktop or laptops.
In addition to spyware, CPM defends against the launching of employee hacking tools from any desktop, laptop or server, against virus-laden attachments that find an unmanaged network entry point such as via instant messaging (IM) or P2P programs, and against other emerging and blended desktop security threats. CPM also enables IT managers to manage the usage of productivity-draining but otherwise safe desktop applications such as games and streaming-media usage.
"Websense has now extended the power of our enterprise Web-filtering platform and central management console to corporate desktops, laptops and servers, enabling IT managers to fill a critical gap in their defense against malicious and zero-day attacks," said Geoff Haggart, vice president Europe, for Websense. "Today's sophisticated attacks generally bypass traditional security perimeters, infiltrating mission-critical networks through the employee's desktop or laptop."
Most employees are unaware this is happening, or that they could in fact be contributing to the security compromise. CPM solves this serious problem by working in tandem with desktop AV and firewall solutions to block unauthorised or risk-prone applications.
How CPM Works
As soon as IT security administrators become aware of a virus or worm attack, they can use CPM in "lockdown mode" to immediately implement a desktop-level usage policy at the application, protocol or port level, or across the entire network. CPM protects companies during this zero-day window of exposure well in advance of the availability of applicable signatures from antivirus companies. By enabling IT administrators to control application, port and/or network access in real time, CPM easily and effectively prevents the further spread of infections during this window of greatest exposure.
CPM derives its policy-management power from a highly sophisticated database of categorised desktop applications. Websense architected this application database with the same technology used to build its best-of-breed Web filtering database. With more than 50 categories, the application database is automatically and continuously updated as new applications are identified. CPM's AppCatcher(tm) tool automatically and anonymously captures unknown applications so that policies can be adapted to best address the organisation's most relevant applications and protocols. CPM removes a laborious administrative burden from IT personnel, frees users from having to make critical security decisions regarding what applications they can safely run on their desktops, and protects the network from unauthorised application usage and Web-bourne security threats.
The product also includes Websense Enterprise Explorer for CPM, an interactive, Web-based forensics and analytics tool that enables IT administrators as well as business managers to quickly detect potentially harmful and unauthorised desktop application use. Other integral tools include CPM Reporter, a browser-based reporting tool that provides "out-of-the-box" application launch and inventory reports that can be automatically scheduled and distributed, and Inventory Manager, which inventories and categorises hardware components, desktop applications and executables, enabling early detection and reporting of spyware, hacking, P2P, IM and other applications. For deployment, CPM includes an easy-to-use yet powerful enterprise desktop deployment engine.