Data Loss Prevention

 View Only

  • 1.  Can Symantec Messaging gateway used as Email DLP

    Posted Jan 14, 2014 02:20 AM

    Can anyone tell me, Can Symantec Messaging gateway used as Email DLP. I had seen somewhere to use it for Email DLP. What is advantages and limitation of this. What kind of support we can get from Symantec.



  • 2.  RE: Can Symantec Messaging gateway used as Email DLP

    Broadcom Employee
    Posted Jan 14, 2014 02:27 AM

    Symantec SMG and DLp can be integrated, some of the helpful links

     

    Symantec Messaging Gateway (SMG) - Best Practices: integration with Symantec Network Prevent (DLP)

    Article:TECH187056  |  Created: 2012-04-23  |  Updated: 2012-04-24  |  Article URL http://www.symantec.com/docs/TECH187056

     

    How Symantec Messaging Gateway and Data Loss Prevention Network Prevent interact

    Article:HOWTO92451  |  Created: 2013-10-18  |  Updated: 2013-10-18  |  Article URL http://www.symantec.com/docs/HOWTO92451

     

    Integrating Symantec Data Loss Prevention Enforce Server and Symantec Messaging Gateway

    Article:HOWTO77733  |  Created: 2012-08-20  |  Updated: 2012-08-20  |  Article URL http://www.symantec.com/docs/HOWTO77733

     



  • 3.  RE: Can Symantec Messaging gateway used as Email DLP

    Posted Jan 14, 2014 08:55 AM

    Symantec Message Gateway (SMG) in my mind can be thought of a DLP "light" version compared to the full DLP suite.

    While Pete is correct the SMG can be integrated to work together there are some features of DLP within the product.  For example SMG can block emails based on keywords and patterns (think of this as Described Content Matching) however SMG cannot deal with the advanced detection capabilites that DLP can (EDM, IDM, VML).

    So in one of my enviornments if I send an email w/ a keyword in it, the message gets blocked by SMG, while in another environment I have the full DLP suite doing deeper content inspection.

     

    I hope this makes sense.



  • 4.  RE: Can Symantec Messaging gateway used as Email DLP
    Best Answer

    Posted Jan 16, 2014 05:38 AM

    Salim ,

    You can usse SMG as Email DLP but still it is not effective tool to monitor and protect confidenatil data also you need Web DLP so at some extent you will get some result but u can't expect more from this tool, below some points can be considered,

    • SMG not provides actual information or files on which confidential information detected, it just captures whole attached file as forensics.
    • SMG not allows to set the no. of matches and occurrences to generate incidents this result in increase in false positive incident which may have low or zero severity.
    • SMG cant provides the flexible search criteria/ parameter for details search,  it just provided sender, recipient message ID, subject etc.
    • Auto escalation feature is not present in SMG 
    • No customized access control to protect incident contents, policy, etc. 
    • SMG can’t provide to add any note on any incidents for future reference of incident Mgr.
    • SMG can’t correlate any past violated incidents with new which will not allow us to understand the trend, count and incident type details for future improvements