Blue Coat, Websense, and the Need for Proactive Web Security

October 20, 2011 - By Sasi Murthy

Here at Blue Coat, we have a legacy of providing our customers with the best threat protection, control and high performance they expect.

Today, best-in-class web security demands a solution that can stop malware before it reaches your users. At Blue Coat, we have been investing to more effectively identify, track and characterize malnets (malicious networks), the infrastructure used to deliver malware, so we can proactively protect users from the attacks they launch. More than ever, cybercriminals can leverage mass market malware for low investment, high impact attacks. And understanding malnets is the only way to isolate malware sources and proactively block new attacks, regardless of attack type, content, zero-day exploits or payload.

With this commitment to web security in mind, Blue Coat was forced to make a business decision to discontinue support of Websense filtering on ProxySG appliances beginning with the next SGOS release, v6.3. This decision was based on the fact that the Websense v7 database is NOT backwards compatible with ProxySG appliances. Intentionally and consistently, Websense has withheld technology updates from us, leaving our combined customers exposed to greater risk. Most recently, the current v7 of the Websense filtering database was released without support for customers using Blue Coat ProxySG appliances. This resulted in customers receiving incorrect results for specific URLs, based on the inaccuracies in the older v6 Websense database (the last database that Websense provided for ProxySG). As one example, many customers were blocking based on an inaccurate categorization by Websense that placed the site into the category ‘none.’ As a best practice, many of our customers apply a ‘Deny’ access security policy to uncategorized content, inadvertently blocking the popular search engine.

The decision from Websense to stop supporting backwards compatibility resulted in unacceptable customer issues that left Blue Coat no choice. However, we are committed to our customers and will continue to support the small number that are impacted by this change. Active SGOS releases up to v6.3 support Websense filtering, and we will continue to support those releases for several years.

Looking forward, we know that businesses large and small need enterprise-grade web security. This is the security that Blue Coat pioneered and is used by 85% of FORTUNE Global 500 companies. It’s a level of security that Websense simply can’t deliver. When it comes to proactively protecting your users from web-based threats, Websense just doesn’t make sense.

Don’t take my word for it, though. A recent third party competitive test performed by Broadband Testing evaluates our solutions. See the results at