Remember the “The Phil Spector Sound”? (I grew up on rock and roll just outside of Philly and when you say Spector, I associate it with Phil Spector or Arlen Spector – my mind is just wired that way….
A business partner of ours in a developing country asked me a security product question today. What is the difference between Spector CNE and Fidelis XPS. Or translated – what is the difference between desktop software on your PC that tracks your keystrokes and surfing habits and a network gateway data loss prevention/extrusion prevention system.
If you are a big company and you need a very good http traffic cop I would recommend Fidelis XPS (due disclosure – my company, Open Solutions, is a Fidelis business partner. We have installed a number of their systems at large accounts and it is a fantastic product in my personal experience).
This is what I told him.
Spector CNE is a very cool product but it requires installing client recorder software on every PC. This is a big downside for most companies.
Spector mitigates the threat of employee misuse of the Internet / AUP enforcement.
Spector uses a client recorder, which is software that must be distributed and installed on every PC in the organization. If the Spector CNE client recorder is not installed – the system cannot detect anything.
Client side recorder software can break Windows, Windows Update can cause the PC with the PC recorder software to become unusable. This happened to one of our clients – after a Microsoft Tuesday update, all 500 users in the customer service center were unable to use their PCs.
This client went on to acquire an extrusion prevention solution from Fidelis.
Fidelis XPS mitigates a wide range of threats to data assets:
- Violations of corporate AUP, Internet misuse
- Data loss from inside the network to public Internet services by employees and
- Data theft from the network perimeter or DMZ by hackers
- Data loss from elevation/abuse of privilege on corporate database servers
- Data loss from exploits by hackers on Web application servers.
Fidelis XPS is based on a Layer 2 sniffing engine which intercepts content from the network at gigabit rates. It doesn’t interfere and is totally invisible since it doesn’t have an IP address. No client software is required.
Fidelis XPS is a bi-directional data loss prevention appliance and decodes and retrieves the data from the network in all protocols and file formats, mail, instant messaging, Web, Webmail, Oracle, DB2, file and print services, Active Directory and LDAP/Open LDAP.
This my experience and it’s based on fighting in the trenches. Comment on this entry and let me know what you think.