I experienced first hand the IPS hype cycle working for a vendor, from early commercial products in 2003 to more mainstream adoption in 2006. My NAC vendor experience was shorter but I still was there for the big hype late last year and early this year. Was there a hype for Data Leak Prevention solutions like Vontu, Code Green Networks, Reconnex and GTB? I remember seeing several DLP vendors at RSA this year.
From a vendor standpoint (where I am now), I am seeing a big jump in awareness of DLP technology in our customer base. Granted we focus on the mid-market….there may be even more awareness in the Fortune 1000 and up. The sales are starting to trickle in for this technology as well.
We are also seeing M&A activity in this space. RSA recently acquired Tablus. This is a natural extension given the information life cycle management offerings that EMC (RSA’s parent company) is selling.
So my question remains, Is DLP the next big security technology? Will it follow in the footsteps of IPS and NAC?
–Chris
Technorati Tags: Data Leak Prevention, DLP, Vontu, Code Green, Reconnex, GTB
Popularity: 34% [?]
August 14th, 2007 at 12:26 pm
I sure hope DLP does not follow in the footsteps of NAC; has anyone adopted that technology in the marketplace besides a box for conference rooms?
DLP has much more promise than NAC.
August 14th, 2007 at 4:05 pm
I think what NAC and DLP will *become* closer to being the “next big thing” when they MERGE, but given the absolute car crash that both of these efforts have produced thus far, you’ll have to define what you mean by “big” if you speak of them as markets rather than features…IMHO.
Or, if by “next big thing” you mean that every freaking journalist who has nothing else to write about except the newest squeaky toy fetish to pounce on like a cat possessed, will continue to hype this imperfect technology…then yes again.
IPS vendors that couldn’t cut it have become NAC vendors. NAC vendors who can’t hack it will add additional content security functionality and claim they are DLP vendors, too…until the next kitchy market namespace comes along…
But I’m not opinionated on the topic.
August 14th, 2007 at 9:55 pm
What do you think about Vericept? I thought they were a leader in DLP and you did not reference them.
I’m curious, because of the consulting I do, I want to be sure to invite all the leading players to opportunities.
August 14th, 2007 at 10:39 pm
@ Brad
Having been in the NAC space there is definitely more adoption than in conference rooms alone. I think I get what you mean though…the adoption has not been “stellar” in my mind.
@ Chris
I was thinking in terms of hype / marketing when I say the next big thing. I think you will probably see some IPS vendors jump into the DLP arena if it takes off. Given what signature based IPS products do it’s not a huge stretch to be looking for patterns / fingerprints in files….in theory. Most IPS I know would choke if they had to decode / decompress / inspect every attachment that went down the wire.
@ Lori
I just named some off the top of my head. There are others like Vericept, Provilla, Websense, BigFix, etc.
August 20th, 2007 at 11:53 am
Interesting piece on this last month, ehere the writer says:
“these solutions address data that is being transferred over the network. They do not address data that walks out via USB, hard copy and a number of other removable media formats. You’re going to have to engineer an architecture that addresses all of the vectors, which will take a lot of time, money and resources” etc.
What’s Walking out Your Doors?
http://www.enterpriseitplanet.com/security/features/article.php/3690291
August 21st, 2007 at 9:55 am
Another article from my file on DLP
DLP in Flux
http://www.darkreading.com/document.asp?doc_id=128292