Data Loss Prevention

 View Only

  • 1.  Network Prevent Web Secure ICAP

    Posted Apr 09, 2013 09:37 AM

    Hi,

    We are looking at implementing Netowrk Prevent Web with Bluecoat Proxies. Once we have turned on SSL inspection on the Bluecoat the contents will then be passed in clear text via ICAP to the Prevent Web server for inspection, this will cause us PCI DSS issues.

    Are the Network Prevent Web servers able to use Secure ICAP?

    If not has anybody implemented a secure method for connection between the Prevent Web and Bluecoat Proxies?

    Thanks

    Ralph



  • 2.  RE: Network Prevent Web Secure ICAP

    Posted Apr 10, 2013 12:00 AM

    Hi Ralp,

    Please refer below

    http://www.websense.com/content/support/library/deployctr/v77/dic_ws_icap.aspx

    https://www-secure.symantec.com/connect/forums/icap-url-symantec-dlp-web-prevent



  • 3.  RE: Network Prevent Web Secure ICAP

    Posted Apr 29, 2013 01:39 PM

    Hi Ralph,

     

    I don't think that Prevent Web supports SICAP yet.

     

    Regards



  • 4.  RE: Network Prevent Web Secure ICAP

    Posted Apr 30, 2013 08:54 AM

    Hi Ralph,

    Please refer below

    http://www.symantec.com/connect/forums/symantec-data-loss-prevention-dlp-dlp-monitor-and-https-traffic

    http://www.symantec.com/connect/forums/can-we-block-https-traffic-through-symantec-dlp-network-prevent-web

    http://www.symantec.com/connect/forums/how-configure-dlp-exclude-monitoring-specific-network-share



  • 5.  RE: Network Prevent Web Secure ICAP

    Posted Apr 30, 2013 09:06 AM

    Ralph,

    As Leo pointed out, there isn't a way to get this data from one device to another in a secure manner. DLP doesn't yet support Secure ICAP (SICAP) but ICAP is the only way it can get this information. Unfortunately, I don't believe there is a way around this.

    Aaron