Websense
Encyclopedia
Websense is a San Diego
San Diego, California
San Diego is the eighth-largest city in the United States and second-largest city in California. The city is located on the coast of the Pacific Ocean in Southern California, immediately adjacent to the Mexican border. The birthplace of California, San Diego is known for its mild year-round...

-based company specializing in Web
World Wide Web
The World Wide Web is a system of interlinked hypertext documents accessed via the Internet...

 security gateway software
Content-control software
Content-control software, also known as censorware or web filtering software, is a term for software designed and optimized for controlling what content is permitted to a reader, especially when it is used to restrict material delivered over the Web...

. It enables clients (businesses and governments) to block access to chosen categories of websites.

History

Websense was founded by Phil Trubey in 1994. It went public in the year 2000.

Apart from Web
World Wide Web
The World Wide Web is a system of interlinked hypertext documents accessed via the Internet...

 filtering, also known as Internet
Internet
The Internet is a global system of interconnected computer networks that use the standard Internet protocol suite to serve billions of users worldwide...

 content-control software
Content-control software
Content-control software, also known as censorware or web filtering software, is a term for software designed and optimized for controlling what content is permitted to a reader, especially when it is used to restrict material delivered over the Web...

, the company provides email security, and data loss-prevention technology. The software also tracks individual internet usage, and its reports can be data drilled
Data drilling
Data drilling refers to any of various operations and transformations on tabular, relational, and multidimensional data...

 by "risk class, category, URL, application, user, workstation, dates, and more."

Websense allows system administrators to block access to web sites and other protocols based on categories. These contain lists of sites that may be blocked at will, either at specified times or permanently. The software offers clients a continue button which permits users to access an otherwise blocked category if it is work related.

Policies can be produced that control either previously identified information that contains 'tags' such as account numbers, credit card records or any combination of many variables. A score is assigned based on a pre defined set of rules and an action applied. The process can be entirely automated but relies upon either pre set policy templates or bespoke rule sets that are developed in house.

The policies or rules that are applied, define what happens at every stage, like most processes the quality of the output depend on the quality of the input. Getting the policies right is critical.
Traditional Information Security processes such as Risk Assessments and Information Asset Registers are important as they provide the information needed to create policies that work for particular situations. Although good policy templates are free out of the box, getting the most from them takes some tuning.

Products through acquisition

SurfControl
SurfControl
SurfControl Plc., was a British software company based in Cheshire, England. The company provided website filtering, e-mail filtering and desktop security software for both enterprise and home users....

 was acquired by Websense on October 3, 2007. Websense has indicated it will continue the Surfcontrol business with a full staff until at least 2011.

Websense's proprietary "Deep Content Control" is software designed to protect confidential information. The company says it is a combination of its ThreatSeeker and PreciseID technologies. PreciseID uses software first developed for the Israeli military. The company has a Data Loss Prevention product
Data loss prevention products
Data Loss Prevention is a computer security term referring to systems that identify, monitor, and protect data in use , data in motion , and data at rest Data Loss Prevention (DLP) is a computer security term referring to systems that identify, monitor, and protect data in use (e.g. endpoint...

 called Information Leak Prevention, which was developed by the Israel-based data security company PortAuthority Technologies. In December 2006 Websense bought PortAuthority for $90 million. Announcing the take-over, Websense said that it was "committed to maintaining the company's research and development presence in Israel."

On January 27, 2009, Websense acquired Defensio, a security company specialized in blog plugins that help to fight spam and malicious links in the comment sections of blogs. This will help expand its ThreatSeeker Network and could be used by webmasters to warn as soon as suspicious content is posted to their websites.

Partnership with Facebook

On October 3, 2011, Facebook
Facebook
Facebook is a social networking service and website launched in February 2004, operated and privately owned by Facebook, Inc. , Facebook has more than 800 million active users. Users must register before using the site, after which they may create a personal profile, add other users as...

 and Websense announced a partnership in order to protect its users from dangerous links that lead to malicious websites and malware sites. According to TechCrunch
TechCrunch
TechCrunch is a web publication that offers technology news and analysis, as well as profiling of startup companies, products, and websites. It was founded by Michael Arrington in 2005, and was first published on June 11, 2005....

, “Going forward, when a Facebook user clicks on a link, the new system will first check the link against Websense’s system to determine whether or not it’s safe. If it’s not, a message is displayed warning the user that the link is potentially harmful and suggests you return to the previous page.”

Controversy

Blocking errors

On occasion, Websense's filter has categorized notable sites in error. In 2007 Norman Finkelstein
Norman Finkelstein
Norman Gary Finkelstein is an American political scientist, activist and author. His primary fields of research are the Israeli-Palestinian conflict and the politics of the Holocaust. He is a graduate of Binghamton University and received his Ph.D in Political Science from Princeton University...

 and Noam Chomsky
Noam Chomsky
Avram Noam Chomsky is an American linguist, philosopher, cognitive scientist, and activist. He is an Institute Professor and Professor in the Department of Linguistics & Philosophy at MIT, where he has worked for over 50 years. Chomsky has been described as the "father of modern linguistics" and...

's websites were blocked by network administrators blocking the 'racism/hate speech' category for approximately 24 hours until Finkelstein complained. In 2009, Websense briefly classified router company Cisco
Cisco
Cisco may refer to:Companies:*Cisco Systems, a computer networking company* Certis CISCO, corporatised entity of the former Commercial and Industrial Security Corporation in Singapore...

's website under 'hack sites'. The blocking of cisco.com was solved in less than 24 hours, but it illustrates that the problem of false alarms is not restricted to antivirus software. Websense has a submission form on the website to report mistaken categorization. .

In a 2005 report the Rhode Island branch of the American Civil Liberties Union called Websense a deeply flawed technology. It refers to an earlier 2001 report on the inaccuracy of the software, and notes that the Children's Internet Protection Act
Children's Internet Protection Act
The Children's Internet Protection Act requires that K-12 schools and libraries in the United States use Internet filters and implement other measures to protect children from harmful online content as a condition for the receipt of certain federal funding...

 was struck down in 2002 by a federal court in a decision that was partly based on similar reports. It further notes that, although the blocking technology has improved over the years since 2002, it still remains a "blunt instrument" and that in public libraries equipped with Websense people of all ages "are still denied access to a wide range of legitimate material."

In 2011 it was reported by a blogger that Websense would block pages that contained pornographic links anywhere in its content, even in the comments section; "a malicious attacker could get your whole site blocked at any time by the simple procedure of leaving dangerous, malicious or pornographic links in a blog's comments".

Usage by governments

In 2004 Amnesty international
Amnesty International
Amnesty International is an international non-governmental organisation whose stated mission is "to conduct research and generate action to prevent and end grave abuses of human rights, and to demand justice for those whose rights have been violated."Following a publication of Peter Benenson's...

 listed Websense as one of several foreign companies which had reportedly provided technology that was used to censor and control the use of the Internet in China.

In 2004 the OpenNet Initiative
OpenNet Initiative
The OpenNet Initiative is a joint project whose goal is to monitor and report on internet filtering and surveillance practices by nations. The project employs a number of technical means, as well as an international network of investigators, to determine the extent and nature of government-run...

 reported that Websense technology was used by the government in Yemen
Yemen
The Republic of Yemen , commonly known as Yemen , is a country located in the Middle East, occupying the southwestern to southern end of the Arabian Peninsula. It is bordered by Saudi Arabia to the north, the Red Sea to the west, and Oman to the east....

 to enforce censorship of the internet. In 2008 it was denounced again by the Yemen Times
Yemen Times
The Yemen Times is unified Yemen's first and most widely-read independent English-language newspaper. The paper is published twice-weekly and has its own printing press, advertising associates and news service....

. The company has a policy of not making business with governments that force censorship of the internet or oppress rights. The only exceptions are for preventing minor from watching adult content and for child pornography. In 2009 it issued a statement about how they were discontinuing the database downloads to the Yemeni ISP, due to the violation of its stated policy. but reporters from ONI infer that Websense software was still being used by Yemen’s ISP, YemenNet, to censor Internet access as late as August 2010. Websense was finally discontinued in Yemen sometime around January 2011 and apparently it is no longer being used in any Middle East or North Africa country.

On November 1, 2011, Websense General Counsel, Michael Newman, released a public letter to “challenge all other American technology vendors to join us in prohibiting repressive regimes from using American technology to prevent open communications.”

The letter’s call for action included, “If you are an executive at a security company that makes software that can be used to censor internet activity in repressive regimes, we ask that you support the right course of action and stop selling repressive tools to oppressive regimes.”

In response, the Electronic Frontier Federation noted, “Websense is pointing to the technology sector in the direction of promoting freedom; BlueCoat represents the aiding oppressors. The choice for other tech companies is clear, and kudos to Websense for leading the way.”

Further reading

  • Access Denied: The Practice and Policy of Global Internet Filtering, Ronald Deibert, John G. Palfrey, Rafal Rohozinski, Jonathan Zittrain, MIT Press, 2008. ISBN 0262541963, 9780262541961

External links

  • Critical review of Websense at Peacefire
    Peacefire
    Peacefire is a U.S.-based website, with a registered address in Bellevue, Washington, dedicated to "preserving First Amendment rights for Internet users, particularly those younger than 18". It was founded in August 1996 by Bennett Haselton, who still runs it...

     (Blocked by Websense for providing "Proxy Avoidance
    Proxy server
    In computer networks, a proxy server is a server that acts as an intermediary for requests from clients seeking resources from other servers. A client connects to the proxy server, requesting some service, such as a file, connection, web page, or other resource available from a different server...

    ")
  • Discussion of global net filtering, Berkman Center for Internet & Society, Harvard, March 2008
  • Global survey of Web filtering & blocking: Rebecca MacKinnon at Web 2.0 Summit, November 2008
The source of this article is wikipedia, the free encyclopedia.  The text of this article is licensed under the GFDL.
 
x
OK