Finally we get to do it this year! After god knows how many issues with bad categorisation, terrible support and issue after issue Websense is finally being given the bin.
Now the big question is what do we aim to replace it with?
We've been looking at a good few different vendors to POC but trying to see if theres any we may have missed.
Considerations so far have been:
- Bluecoat: Seems to be the closest direct replacement but we've been warned that since being bought by Symantec they're just ignoring any organisations of our size (government with about 1000 staff). POC was done last year and didn't seem too bad from what I was told.
- zScaler: We've had Citrix in talking about this a few times but very little movement. Will probably have to look at it more.
- Palo Alto: We already have a couple on site for segregation on a small part of our network so we'll be able to use these for a POC. The organisation has traditionally used dedicated proxy appliances so moving to a UTM approach would require a bit of selling (but might go well since our Perimeter firewalls are up for renewal at a similar time). Have to see how well it behaves with multiple AD groups on single users has I've seen this cause problems before (eg having basic access + social media or basic + collaboration ). Also there are concerns about changes in application categorizations can break more then just a few URLs.
- Fortinet: Similar to the Palos with similar concerns. Have used it in a previous role back on v5.2 and thought it worked relatively well.
- Trustwave: Haven't really thought about. Webmarshal has burned me badly in the past.
- Ironport: Doesn't look to have changed or improved in many years.
- McAfee Web Gateway: Hasn't been reaearched much.
Pretty sure thats all we've looked at!
Has anyone been down this path that could offer some advice on things we may have missed or what we should aim for? Our main concerns are application level control, categorization and response times for changes + support along with the fun on multiple AD groups controlling permissions.
Thanks Guys!
No comments:
Post a Comment