Reconnex this week is launching its first product, a LAN appliance that tracks sensitive data as it moves around corporate networks and warns security staff when that data appears to have been compromised.

Called G2 Content Analyzer, the device hangs off monitoring ports on routers and switches searching for customer-designated data and logging any traffic containing that data. The device can filter traffic based on parameters including protocol, source and destination IP address and key words customers define.

Watching out

Software on the device reports where monitored traffic comes from, where it is going, and when and whether it is encrypted. It can trigger alarms to warn security staff that corporate policy about data privacy might have been violated, such as when sensitive data leaves the building over WAN connections.

The G2 is designed to protect against employees who try to read or steal data and those who inadvertently put it in jeopardy, says Reconnex CEO Donald Massaro.

New government regulations require companies to track when certain data leaves their networks, says Paul Hooper, CIO of Extreme Networks, which is beta-testing the G2 analyzer for internal use. Firewalls and anti-virus software address external threats, but "you need to protect outbound as well as inbound," he says.

Other vendors making similar gear include fellow start-ups Vericept and Oakley Technologies, says Eric Ogren, an analyst with The Yankee Group. The Reconnex gear can be installed with little disruption, he says. "They do this passively, without having to reconfigure network equipment or adding to desktop software," he says.

Sounding alarms

Because G2 analyzer is not in the data stream it cannot block traffic. "But they can send alarms and get all the powers that be scurrying about," Ogren says. Alliances with router and firewall vendors are planned so G2 alarms automatically can trigger other devices to shut down sessions that might be leaking private data, Massaro says.

Deciding what types of data should be watched can be daunting for a business, Massaro says, and should be delegated to individual departments to define. Departments then write policies regarding how that data is accessed, and the G2 appliance enforces them.