Network Data Loss Prevention (DLP)

Inspect network traffic at an endpoint level with Deep Packet Inspection (DPI). Scan and block SSL traffic, e-mail protocols, HTTP/HTTPS and other data transfer mechanisms with our advanced DLP solution

Enhanced visibility of your data flow
Improved control over your sensitive data
Easy monitoring and reporting of network traffic

The necessity of a Network DLP software

It has been an ongoing debate regarding the best approach to a Data Loss Prevention solution: at an endpoint level or at a network level? Both methods have their own benefits and limitations.

While a network DLP approach provides visibility into network traffic through various ports and protocols, the disadvantage is that content inspection is done after sensitive data like Personally Identifiable Information (PII) or Intellectual Property (IP) has already left the endpoint. An endpoint DLP approach covers the second scenario, but it can have limitations when it comes to the network traffic overview.

Companies traditionally had to choose one or the other. However, there is a better way

Prevent sensitive data loss with DPI

Deep Packet Inspection (DPI) is an advanced traffic analysis method that allows the examination of packets at places on the network which are not endpoints. DPI examines the contents of packets and makes real-time decisions based on the assigned content and context rules. Depending on the discovered confidential information file transfers can be blocked, reported or both, thus providing an important data security layer.

Main features and benefits

Granular control

The DPI feature of Endpoint Protector allows setting up Whitelists and Blacklists. DPI Whitelists allow file transfers to specific domains and URLs, while with Blacklists access to specific websites can be completely blocked. Sensitive data can be easily defined and detected if it is being sent in violation of the information security policies.

Enhanced data protection

Protect data beyond compliance requirements and mitigate insider threats. Scan employee communications without blocking the access completely to apps and web addresses, but only sensitive data sent throughout the network to prevent data breaches.

Intuitive management with predefined policies

Setting up policies does not have to be a hassle. Endpoint Protector includes GDPR, HIPAA, PCI DSS, and file type pre-configured policies, so it is a matter of just selecting and applying the right policy for your network and ensuring protection against data leakage.

Benefits of network DLP at an endpoint level

The Deep Packet Inspection functionality allows organizations to scan and block sensitive information including bank account specific patterns, personally identifiable information, keywords, regular expressions, and others sent through both external and internal networks. It can inspect SSL traffic, e-mail protocols, HTTP/HTTPS and more.

Enhanced data protection

Prevent data leakages outside the company and keep data confidential between departments combining the diverse content-based (keywords, PHI patterns, PII formats, CCNs, and others) and file type policies (office files, graphic files, programming files, and many others).

How network DLP works

Activate your network DLP module within Endpoint Protector 4
Select the network protocols you want to monitor and control
Define your sensitive content policies
Confidential data communications are stopped and reported