Reconnex upgrades network monitoring appliance

Security vendor Reconnex on Monday introduced an upgrade to its network content monitoring appliance that is designed to give corporations greater control over protecting intellectual property and privacy.

Version 5.0 of iGuard 3600 includes enhancements that focus on helping enterprises find sensitive data at rest in the organization so that it can be flagged for alerting and blocking if viewed by an unauthorized user or sent out of the organization against company policies. The upgrade includes new tools to help customers analyze and update their rules that decide what is considered sensitive and how that information should be handled, says Faizel Lakhani, vice president of marketing with Reconnex. These new features go beyond the previous versions, which centered on alerting customers when sensitive information was being viewed by unauthorized users or leaving the company.

"The [information leakage] problem has three phases: Before information is leaked, how do I find where it is sitting at rest in the network; preventing it from leaving the network; and how do I know I set all the rules correctly?” Lakhani says.

Version 5.0 uses a concept-vectoring technique to help organizations break complex ideas down into sets, communities and channels that the product can then search for and protect, he says. When used in conjunction with iGuard’s capture capabilities, organizations can feed words, phrases, languages and circumstances into the system that define intellectual property and how it should be handled. To help in this information discovery process, version 5.0 automatically scans and registers sensitive data at rest in repositories or files and includes prebuilt templates for managing risk, Lakhani says.

If an information breach does occur, version 5.0 includes tools that can reconstruct how it took place in an effort to prevent it from happening again, he says. The product can feed intelligence to switches, proxies, encryption servers and e-mail gateways to help prevent sensitive information from leaving the organization.

Also new in this version is the ability to administer multiple iGuard installations from a single console.

Reconnex competes with a number of other companies in the market for information leakage protection, including vendors such as PortAuthority, Oakley, Vontu and Vericept. According to Lakhani, it’s the product’s ability to not only protect sensitive information that is predefined, such as nine-digit Social Security numbers or 16-digit credit card numbers, but also intellectual property stored a variety of forms that distinguishes Reconnex from the competition.

One of the features that sets apart this category of products from other network gear that can also monitor transactions on a network is the ability to report on actions in a manner that makes an incident easy to understand – and to prove – by people outside of the IT department.

“If you go back and look at intrusion-detection systems, they’re so low-level that you have to be a true techie to understand the pattern flows…and once you start speaking in those terms, management rolls its eyes back, they don’t know what you’re talking about,” says Mark Moroses, senior director of technical services and information security officer with Maimonides Medical Center in Brooklyn, N.Y., who has been using Reconnex’s product for about three years. With Reconnex “you have evidence [of an incident] in black and white in a form that a pseudo-technical person can understand.”