How we tested dlp products

This test was conducted at the Iowa State University Internet-Scale Event and Attack Generation Environment (ISEAGE) Laboratory. Our test network consisted of a Windows 2008 domain controller, an Exchange 2007 server and edge transport server, a MSSQL 2008 server, a Windows 2008 file and print server, two Red Hat Web and mail servers (one internal and one external), two FreeBSD routers, and a Windows XP client.

Each vendor was required to either ship an appliance and the required software to ISEAGE or to make the necessary software available to download. Each vendor was given latitude to provide installation support as they would for a typical customer. For this, McAfee elected to send two technicians to Ames, and Sophos chose to give us an online training session. Further support was obtained on an as-needed basis, from the engineer assigned to us by each vendor.

McAfee did not feel comfortable using Squid as a Web proxy to relay data to their DLP appliance, so they elected to provide us with a copy of the McAfee Web Gateway software. They also provided the McAfee Mail Gateway software, which is required to relay mail to the DLP appliance.

After the management systems and appliances were running and configured, the endpoint software was installed on each of the clients. After verification of the connectivity of each endpoint with its management server, we went through each management interface and explored its functionality – specifically looking at whether it could achieve all of the objectives we defined.

Return to main test.