Data Loss Prevention

 View Only
  • 1.  API's for DLP

    Posted Jan 17, 2014 12:00 PM

    I have a client interested in integrating DLP (Vontu) with Axway's managed file transfer gateway.  The specific use case is to call DLP to scan a file prior to encrypting and sending that file on to it's intended recipient.  Is there an API we can call within DLP for this functionality?



  • 2.  RE: API's for DLP
    Best Answer

    Broadcom Employee
    Posted Jan 17, 2014 12:38 PM

    Take a look at the Symantec Data Loss Prevention Endpoint FlexRespnse Plug-in Developers Guide, at https://kb-vontu.altiris.com/article.asp?article=54822&p=4



  • 3.  RE: API's for DLP

    Posted Jan 24, 2014 05:15 AM

    Hello,

    while the FlexResponse allows you to integrate with other applications AFTER a file has been scanned you might want to look another tool or API.

    If you need a file checked by DLP i would suggest using the ICAP functionality of DLP. So you will need to set up DLP Network Prevent for Web and this will give you the option to run a DLP scanner as an ICAP server. The application can then send any file to the ICAP server interface over the network and will receive a status code if the file contents triggered any policy.

    ICAP is the same protocol that is used by virus scanners to scan e.g. web requests.

    More detail about ICAP can be found here:
    http://tools.ietf.org/html/rfc3507

    A proof of concept ICAP client in C# that works with Symantec DLP can be found here:
    http://code.google.com/p/simple-icap-client-csharp/

    This project is open source and you can modify the code according to your needs.