19
Enterprise Data Loss Prevention Content-Aware Reverse Firewall

Gtb Dlp Suite Presentation

Embed Size (px)

Citation preview

Page 1: Gtb Dlp Suite Presentation

Enterprise Data Loss Prevention Content-Aware Reverse Firewall

Page 2: Gtb Dlp Suite Presentation

Apple, Inc. 60,000 users

American Greetings 8,000 users

Bureau of Indian Affairs (US

Government DOI) 7,500 users

Citgo Oil Company 4,500 users

ESL Federal Credit Union 1,200 users

SAFE Credit Union 750 users

San Mateo Credit Union 650 users

Sample Customers

GTB DLP Suite-Confidential Slide 2

Page 3: Gtb Dlp Suite Presentation

What the analysts say:

Copyright 2010 GTB DLP Suite-Confidential Slide 3

Page 4: Gtb Dlp Suite Presentation

GTB Patent Pending

Copyright 2010 GTB DLP Suite-Confidential Slide 4

1. DLP and DLD for inspecting all outbound content and

comparing it to stored data

2. DLP and DLD for inspecting all outbound content using

search index of confidential data

3. DLP and DLD for inspecting all outbound content

using multiple fingerprints of confidential data

Page 5: Gtb Dlp Suite Presentation

GTB Inspector Reverse Firewall

• Scans all outbound traffic

• Highest accuracy

• Able to block without a proxy server

• File format agnostic

GTB Endpoint DLP

Device Control

• Discovers devices

• Protects devices

• Audits devices

• Controls devices

• Content-Aware

eDiscovery

Search & Classification

• Scan Desktops

• Scans file shares

• Reports on vulnerable files

• Enforces IRM

• Automatic batch

• Monitors shares and PC’s

The GTB DLP Components

Cloud Enabled – Any VM

Centralized policy, reporting and workflow

Supports all languages

Copyright 2010 GTB DLP Suite-Confidential Slide 5

Page 6: Gtb Dlp Suite Presentation

In the Development Pipeline

Copyright 2010 GTB DLP Suite-Confidential Slide 6

• Protection for sites such as: https://use.cloudshare.com

• Mobile devices DLP

• Network traffic analysis/protection

• Network Recorder

• Detection of additional encrypted content and protocols

• IPv6 support

• IDS/IPS + Virus, SPAM and Malware protection

Page 7: Gtb Dlp Suite Presentation

2. Who is sending my data?

• Insiders

• Intruders

• Spyware/Viruses

3. What data is being sent?

• PII

• PHI

• Source Code

• IP

4. Who is receiving my data?

• IP address

• Email destination

• Geographic location

1. Where is my data?

• Desktops

• Laptops

• File shares

• SharePoint

DLP answers 4 questions:

Copyright 2010 Slide 7 GTB DLP Suite-Confidential

Page 8: Gtb Dlp Suite Presentation

1. Control a broken business process

•Who is sending, what data and to whom?

2. Demonstrate Compliance

•I have no way of enforcing data loss compliance regulation

3. Automate Email Encryption

•How do I automate encrypting emails which require it?

5. Severity Blocking

•Some breaches are so severe that I prefer to altogether block them!

6. Visibility to SSL

•I have no visibility to SSL in general and HTTPS in particular!

7. Detect/Block TCP from non-trusted users

•How do I detect transmissions from non-trusted users (Malware/Viruses/Trojans)

The 8 use-cases for Network DLP

Copyright 2010 Slide 8

4. Detect or Block encrypted content

•Should I allow encrypted data to leave without content inspection?

•My employees are not complying with the Written Information Security Policy (WISP)

8. Employees’ Education

GTB DLP Suite-Confidential

Page 9: Gtb Dlp Suite Presentation

What data must be protected?

Personal identifiable information (PII)

• Credit card number

• Social security number

• Customer name

• Address

• Telephone number

• Account number/Member number

• PIN or password

• Username & password

• Drivers license number

• Date of birth

Copyright 2010 GTB DLP Suite-Confidential Slide 9

Page 10: Gtb Dlp Suite Presentation

Enterprise class DLP

Copyright 2010 GTB DLP Suite-Confidential Slide 10

Page 11: Gtb Dlp Suite Presentation

Scans all TCP channels on all 65,535 ports

Enforcement Actions

Network DLP configuration - OOL

Copyright 2010 GTB DLP Suite-Confidential Slide 11

Mirror/SPAN port

•Log

•Encrypt

•Quarantine

•Severity Block

•Redact

The GTB Inspector is an appliance that can be deployed in Bridge / Out of Line through a SPAN/Mirror port and is available as a VM image as well.

Page 12: Gtb Dlp Suite Presentation

Secure mail integration

Copyright 2010 GTB DLP Suite-Confidential Slide 12

Page 13: Gtb Dlp Suite Presentation

HTTPS visibility

Multiple Choices

Copyright 2010 GTB DLP Suite-Confidential Slide 13

Choices: 1. Connect 443 port through

any ICAP Client 2. Connect Directly to the

GTB SSL Proxy

Page 14: Gtb Dlp Suite Presentation

GTB advanced fingerprinting technology – Structured data

Copyright 2010 GTB DLP Suite-Confidential Slide 14

Page 15: Gtb Dlp Suite Presentation

Fingerprint Detection Engine –Structured Data

The most accurate detection engine in the DLP space

Feature Benefit

Can fingerprint any database Highest flexibility

Multi-field detection No false positives

Automatic fingerprints refresh Easy maintenance and operation

Options for time-based sensitive content Automatically deletes fingerprints that are no longer

sensitive

Supports user-defined fields Protects your direct business data

Fingerprints 1 million fields in 10 minutes Very high performance

Copyright 2010 GTB DLP Suite-Confidential Slide 15

Page 16: Gtb Dlp Suite Presentation

GTB advanced fingerprinting technology - Files

Page 17: Gtb Dlp Suite Presentation

Fingerprint Detection Engine – Unstructured Data

The most accurate detection engine in the DLP space

Feature Benefit

Multiple data stream fingerprints using proprietary algorithm

Allows for partial file match

Options for binary or text detection Detects images inside files

Options for excluded content Detects sensitive data only

Options for time-based sensitive content Automatically deletes fingerprints that are no longer

sensitive

User defined sensitivity (in bytes) Highest possible control on what is detected

Virtual zero false positive rate Highest accuracy

Multi-language support Files in any language can be protected

Copyright 2010 GTB DLP Suite-Confidential Slide 17

Page 18: Gtb Dlp Suite Presentation

Data Patterns Detection

Copyright 2010 GTB DLP Suite-Confidential Slide 18

• Extended REGEX templates out of the box

• Patterns defined through REGEX in PHP

• Lexicons support

• User defined severity level per pattern rule

• Multi field weights and occurrences

• Support for all languages

Page 19: Gtb Dlp Suite Presentation

Deployment requirements

Inspector

• 40 GB HD

• VMware Server

• 4GB RAM

Endpoint

• Windows Server

• Runs on any windows OS

eDiscovery

• Runs on any windows OS

The GTB Inspector is also available as an appliance

www.gttb.com

Copyright 2010 GTB DLP Suite-Confidential Slide 19