As I warned, I attended a BlueCoat seminar on Wednesday and I’m getting a few days worth of blog posts from that.
In March of 2009, I blogged that I was testing the BlueCoat ProxyClient. The ProxyClient provides URL filtering via WebPulse and also attempts to provide acceleration to VPN users and users on slower network sites. Each feature can be enabled or disabled automatically depending on location. Last year I had ProxyClient deployed to the IT department for quite a while until it was time to test some HTTP SaaS solutions. At that point I uninstalled ProxyClient from all computers. I didn’t return it after I completed my HTTP bake-off. I only renewed with BlueCoat for one year and didn’t want to roll out something and then switch it only a year out.
Looking at this months desktop virus reports, its pretty clear that a large number of the infections occur while systems are remote. Outside the facility they currently only have SEP11 as protection. For a long while I felt that if I was going to offer protection, URL filtering wasn’t good enough. I needed antivirus. But from what I wrote about yesterday with WebPulse, I am now thinking this is a significant step up security wise. Also it doesn’t have the SaaS risk.
To be sure some of our users might revolt if we put one more security product on “their” desktop. But I a strong case can be made for deploying ProxyClient. If you own BlueCoat and you pay for BlueCoat WebFilter, then the ProxyClient is no charge. At most companies, users are increasingly mobile. Unless you’ve got some other strong protections (such as only allowing browsing through an always tunnel vpn connection, and also removing local admin rights) I’d take a strong look at adding this protection.