Why isn’t DPI inspecting content when VPN add-ons are installed on browsers?
Endpoint Protector is an endpoint DLP solution. As such, content inspection occurs on the endpoint, when a monitored application accesses a file that is being monitored for content (using custom content dictionaries, predefined content, regexes, etc.).
With the introduction of the Deep Packet Inspection functionality, an additional content inspection mechanism that inspect the packets sent to the network is also available. As an enterprise solution, the DPI feature within Endpoint Protector is designed to work in scenarios where only corporate VPNs are used. Such VPN solutions provide various configuration options that can be utilized by a network administrator to correlate the overall, company-wide security policy.
End-users are generally restricted and prohibited from installing their own applications or deploying individual solutions such as VPN add-ons in various browsers. This approach is put in place by network administrators to ensure business continuity, limit exposure and risks and, ensure data security measures are effective.
The DPI feature within Endpoint Protector is not designed to cover scenarios where end-users deploy their own, browser-based add-on VPNs. For such scenarios, the Deep Packet Inspection functionality should be disabled, allowing the default method of confidential content inspection.