While Safend's anti-tampering features are impressive, they still run within the Windows operating system, and that's an Achilles' heel. We simulated a laptop theft and orchestrated a data leak by booting up our test laptop with a floppy disk and running an NTFS volume reader. We easily swallowed up all the valuable data this laptop had to offer. Whole-disk encryption would have stopped us cold. The Protector client doesn't offer it out of the box, but Safend provides whole-disk encryption with its Encryptor product line. Encryptor can be purchased at an additional cost, so IT shops looking to lock down and encrypt their endpoints can get both features under one roof.
We found Protector's logging, alerting, and reporting capabilities to be more than sufficient. All events that can be locked down by policy can also be configured to centrally alert and report violations. Alerts can be e-mailed, logged to the Windows Event log, or collected from an SNMP trap.
Wi-Fi management is also implemented well with Protector. Policy definitions allow you to force clients to use specific service set identifers and encryption protocols in order to be able to access a Wi-Fi network.
However, Protector falls short in its ability to control whether or not clients might be leaking critical data via Instant Messaging, FTP, peer-to-peer file sharing, etc. Protector isn't application-aware, and that could be a deal breaker for some shops. Protector also can't prevent printing of sensitive data and can't thwart leakage via screen capturing. Safend says these key features will be added in the next release.
Application intelligence also is unavailable with Protector now, although Safend is preparing to add some key features to its product mix with the upcoming release of its first network-level DLP product, Safend Inspector. Set for a third-quarter release, Inspector will fill in some holes in the area of enterprise data discovery and application awareness.
As tested, Safend Protector lists for $13 to $32 per license, depending on volume. Safend Encryptor lists for $29 to $69. Protector and Encryptor can be purchased together. Safend Protector runs only on Windows operating systems, including Windows 2000 SP4, 2003 Server, XP, and Vista.
Randy George is an industry analyst on security and infrastructure topics.