- Conduct session-level (not packet-level) inspection of network traffic across all 65,535 network ports. Given most human-readable data in an enterprise is not in plain text formats, visibility requires knowledge beyond an individual packet for network DLP decisions.
- Provide visibility into the protocols, channels, and applications in use on the network. Network data loss prevention solutions need to understand a wide variety of the network traffic to determine how people are communicating and extract information for analysis.
- Ability to extract enterprise human-readable content and related metadata contained within sessions as well as any attachments and compressed files for analysis.
What is Network Data Loss Prevention (DLP)?
Defining Network Data Loss Prevention (DLP)
Network Data Loss Prevention (DLP) software monitors, detects and potentially blocks sensitive data exfiltration while the data is in motion. Network DLP is used to prevent critical information from being transferred outside the corporate network and it’s enforced in some regulated industries where compliance requirements are in place to ensure organizations are able to demonstrate adequate care has been taken to avert the loss or theft of confidential and sensitive information.
Why is Network Data Loss Prevention (DLP) Important?
Network data loss prevention (DLP) capabilities are critical to support compliance, protect intellectual property (IP), and augment employee security awareness. Network DLP is important for detecting and preventing accidental data loss, as well as preventing malicious insiders from intentionally exfiltrating data from the corporate network.
Organizations use network DLP capabilities to support the following use cases:
- Support regulatory compliance efforts around data protection where network DLP is used to detect and prevent compliance policy violations around data movement – and ultimately preventing sensitive data from being transferred out from the corporate network.
- Protect intellectual property from being exfiltrated from the corporate network.
- Visibility of sensitive data and augment employee security awareness. Unintentional policy violations can result in a notification to the user with an explanation to help train proper behavior.
What are the Key Aspects of a
Network Data Loss Prevention (DLP) Solution?
While detection is clearly an important role in network DLP, being able to prevent sensitive data from leaving the network is the ultimate goal.
- Provide multiple sophisticated content analysis technologies to detect sensitive and/or protected information for accurate content recognition.
- Provide a policy engine to implement rules to determine network sessions that violate policy. Policy-based enforcement maps rules to an organization’s content disclosure or network use policies.
- Ability to prevent an individual network session that violates policy across all ports to prevent data leaks across all network traffic, even over non-standard ports.
- Ability to capture metadata on-premises or cloud for up to 360 days for real-time and retrospective analysis.