This issue has been solved.

Symantec DLP understanding and benefit

Created: 10 Dec 2012 • Updated: 11 Dec 2012
Login to vote
+2 2 Votes

Hi All,

As I am new to this community and just wanted to know the DLP understanding and benefit so that i can understand it well. I am not properly aware of this product. Can anyone share a notes/PPT/resource to understand DLP.

 

Thanks in advance

 

Quick Look Solution

Hi Ansh, Please refer

Hi Ansh,

Please refer below

 

Key Features

  • Discover—Find confidential data wherever it is stored, create an inventory of sensitive data, and automatically manage data cleanup.
  • Monitor—Understand how confidential data is being used whether the user is on or off the corporate network, and gain enterprise visibility.
  • Protect—Automatically enforce security policies to proactively secure data and prevent confidential data from leaving an organization.
  • Manage—Define universal policies across the enterprise, remediate and report on incidents, and detect content accurately within one unified platform.

Key Benefits

  • Reduce proliferation of confidential data across enterprise data centers, client systems, remote offices, and end-user machines.
  • Identify broken business processes transmitting confidential data.
  • Monitor and protect communications of sensitive content to public websites.
  • Define and deploy universal policies across the enterprise.

 

 

The Vontu DLP system is a complete all around solution, 

  • Vontu Enforce - the enforce server is the heart of the system. This is the main console of the system where we will define all the rules, control all of the servers, treat incidents and generate reports. (This server is mandatory)
  • Vontu Endpoint Server - the endpoint server is responsible to deploy policies to the endpoints on our network. The endpoint server is the server that all clients report to.
  • Vontu Discover/protect - the discover/protect server is responsible for scanning the databases and fileservers in the organization. The discover server only has the option to alert on confidential data the is found.  The protect server has the ability to do something about the information. The server can either copy the file to another location (still keeping the file in the same location) or quarantine the file, and leave a marker file that will point the employee to the security department.
  • Vontu Network:
  1. Network Monitor - we talked about this server before in Chapter One. This is a server that "taps" in to our network (using mirror/SPAN port) and then analyzes the network traffic.
    It should be mentioned that the server is completely passive and has no proactive abilities, it will provide us with valuable information, but it won't stop the data flow.
  2. Network Prevent (Web) - web prevent has the ability to analyze and block/alter traffic that is going out to the internet/intranet (depending on the location being used).
    The server receives traffic using the ICAP protocol from a proxy server.
  3. Network Prevent (Mail) - mail prevent has the ability to analyze and block/alter mails sent from the organization. The mail prevent server receives mails from the organizational 
    MTA (Mail Transfer Agent).

https://www-secure.symantec.com/connect/articles/chapter-1-concept-dlp-define-what-confidential-and-find-where-it-stored

https://www-secure.symantec.com/connect/articles/chapter-2-concept-dlp-monitoring-and-blocking-confidential-data

https://www-secure.symantec.com/connect/articles/what-protection-does-symantec-dlp-provide-note-beginners

Filed Under

Comments

Ashish-Sharma's picture
Ashish-Sharma
Accredited
10
Dec
2012

Hi, Check this artical What

Hi,

Check this artical

What Protection Does Symantec DLP Provide? A Note for Beginners

https://www-secure.symantec.com/connect/articles/what-protection-does-symantec-dlp-provide-note-beginners

What Protection Does Symantec DLP Provide? A Note for Beginners- Part-2

https://www-secure.symantec.com/connect/articles/what-protection-does-symantec-dlp-provide-note-beginners-part-2

Thanks In Advance

Ashish Sharma

 

 

Ashish-Sharma's picture
Ashish-Sharma
Accredited
10
Dec
2012

Key Benefits Reduce

Key Benefits

  • Reduce proliferation of confidential data across enterprise data centers, client systems, remote offices, and end-user machines.
  • Identify broken business processes transmitting confidential data.
  • Monitor and protect communications of sensitive content to public websites.
  • Define and deploy universal policies across the enterprise.

Reference

http://www.symantec.com/data-loss-prevention

Check this artical also

http://www.symantec.com/about/news/release/article.jsp?prid=20111004_01

 

Thanks In Advance

Ashish Sharma

 

 

kishorilal1986's picture
kishorilal1986
Accredited
11
Dec
2012
SOLUTION

Hi Ansh, Please refer

Hi Ansh,

Please refer below

 

Key Features

  • Discover—Find confidential data wherever it is stored, create an inventory of sensitive data, and automatically manage data cleanup.
  • Monitor—Understand how confidential data is being used whether the user is on or off the corporate network, and gain enterprise visibility.
  • Protect—Automatically enforce security policies to proactively secure data and prevent confidential data from leaving an organization.
  • Manage—Define universal policies across the enterprise, remediate and report on incidents, and detect content accurately within one unified platform.

Key Benefits

  • Reduce proliferation of confidential data across enterprise data centers, client systems, remote offices, and end-user machines.
  • Identify broken business processes transmitting confidential data.
  • Monitor and protect communications of sensitive content to public websites.
  • Define and deploy universal policies across the enterprise.

 

 

The Vontu DLP system is a complete all around solution, 

  • Vontu Enforce - the enforce server is the heart of the system. This is the main console of the system where we will define all the rules, control all of the servers, treat incidents and generate reports. (This server is mandatory)
  • Vontu Endpoint Server - the endpoint server is responsible to deploy policies to the endpoints on our network. The endpoint server is the server that all clients report to.
  • Vontu Discover/protect - the discover/protect server is responsible for scanning the databases and fileservers in the organization. The discover server only has the option to alert on confidential data the is found.  The protect server has the ability to do something about the information. The server can either copy the file to another location (still keeping the file in the same location) or quarantine the file, and leave a marker file that will point the employee to the security department.
  • Vontu Network:
  1. Network Monitor - we talked about this server before in Chapter One. This is a server that "taps" in to our network (using mirror/SPAN port) and then analyzes the network traffic.
    It should be mentioned that the server is completely passive and has no proactive abilities, it will provide us with valuable information, but it won't stop the data flow.
  2. Network Prevent (Web) - web prevent has the ability to analyze and block/alter traffic that is going out to the internet/intranet (depending on the location being used).
    The server receives traffic using the ICAP protocol from a proxy server.
  3. Network Prevent (Mail) - mail prevent has the ability to analyze and block/alter mails sent from the organization. The mail prevent server receives mails from the organizational 
    MTA (Mail Transfer Agent).

https://www-secure.symantec.com/connect/articles/c...

https://www-secure.symantec.com/connect/articles/c...

https://www-secure.symantec.com/connect/articles/w...

11
Dec
2012

Thanks kishorilal and Ashish

Thanks kishorilal and Ashish for ur valauble note