GTB DLP SuitContent-aware Security Suite

True DLP for Data Protection

Daniel Jay May 2012

AGENDA

• Who we are?• What is DLP?• Why say we are next generation?• Enterprise configuration?• How to prevent your data loss?

Who we are?

• Founded: 2005 • Ownership: Private and self funded • Headquarter: Newport Beach, CA

– Development in Kiev, Ukraine – International Office in Tel Aviv, Taipei, Kuala Lumpur, Tokyo, Kiev

• Security Segment: Data Loss Prevention + EDRM (IRM)• Target verticals: Financial Institutions, Government, High Tech,

Healthcare • Channel Partners: UK, Poland, Slovenia, Turkey, Italy, France,

Russia, Kenya, Taiwan, Philippines, Singapore, Japan, South Korea, Malaysia, Mexico, Romania

• Named Accounts: – Apple Computer– American Greetings– E2V Semi Conductor– Citgo Oil Company

Who we are?

“GTB has primarily focused its efforts on developing a product with strong detection capabilities, and continues to improve the overall user experience. It has also achieved notable client wins in the past 12 months, thereby increasing its overall market presence. “--- Gartner DLP MQ 2O11

Awards

What is DLP?

DATA

Data in Motion

Who sent my data, and… to who?

Data at Rest

Where is my data?

Data in Use

Set access rights for data usage

HTTP(S) FTP SMTP IMRDPVNCSSL Network PrinterToo many to list here

Cut / Copy Paste Print Print Screen Access Files Removable Media

DesktopsLaptopsNetwork Shares (NTFS, NFS…)SharePointDatabases (via ODBC)

What is DLP?DLP Answers 5

questions:Where is my data?

DesktopsLaptopsNetwork Shares (NTFS, NFS…)SharePointDatabases

Who is sending my data?Trusted usersIntrudersSpywareViruses

What data is sent?PIIPHISource CodeIntel. Property

Who received my data?IP addressEmail destinationGeographic location

How do I protect my data?

Cut / Copy Paste Print Print Screen Access Files Removable media

Why is GTB next generation DLP?

GTB Inspector for Network

GTB Endpoint Protector

for endpoint end device control

GTB eDiscovery to find your

sensitive Data at Rest

GTB IRM Full content-aware Rights

Management System

GTB Central Console

control and monitor all behavior

Why is GTB Next Generation DLP

DATA

Data in Motion

Data at Rest Data in Use

HTTP(S) FTP SMTP IM Network PrinterSSLRDPVNCSSHWebmailTCP on all ports

Cut / Copy Paste Print Print Screen Access Files Removable Media

DesktopsLaptopsNetwork Shares (NTFS, NFS…)SharePointDatabases (via ODBC)

SAFE

Data Protection Architecture

How to prevent your data loss?

Support multi-language content filtering

Supports all file types

Scan ports 0 to 65,535on all TCP channels

Integrates with SEIM

Scalable with Load Balancing

MTA and Smart Host

Integration with any external proxy

Enforces content-based policies based

Alerts violators, Managers

SSL Content Filtering

Redacts text from emails in real-time Educates users

Seamless integration with email Encryption gateways

Quarantines email with user remediation

Log Block Quarantine

Severity Block Pass

Enforcement actions

How to prevent your data loss?

How to specify/fingerprint files ?

Controls granularity of detection size in bytes

Customized Policy definitions

Detailed Events Data

Management Log

Complete Auditing

How to prevent data loss?

USB Drives

iPod, other mp3 players

CD/DVD

Firewire

SD cards

Floppy drives

Other I/O devices

Bluetooth

Wi-Fi

Endpoint Protector access control

Group rules

Computer rules

Individual user rules

Entire domain rules

File type rules

File group rules

Device type

Device drive name

Volume number

Bus type

Active Directory rules File rules Device rules

How to prevent data loss?

Endpoint Protector Enforcement actions

BLOCK

LOG

SHADOW

ENCRYPT

Endpoint Protector reporting

Built in Table reports

Built in Crystal reports

Central Console reports

How to prevent data loss?

How to prevent your data loss?

Features Benefits

Agent Based solution Scans thousands of computers at same time with no performance degradation

High performance Network friendly

Protects all file formats (binary/text) Secures all content including Source Code, Audio, Video and text files

Protects database records & fields Ensures regulatory compliance

Virtually zero false positive rate Highest precision

Insures absence of violations No false negatives

Automatic or manual discovery Non-stop data protection

Customized data type definition Discovers data unique to your business

Unattended operation Maintenance free

SSL C

onnection

Seclore Policy Server (PS)

Usage Rights Matrix

View Edit Print Cpy/Paste Time Limit Location

USER 1 Office

USER 2 1-5 Jan

USER 3

USER 4 Office

Representative form of Usage Rights Matrix

Various Users Different Rights

Examples of protected files

View only View & Edit only View & Distribute only View & Print only

… & other combinations

How to prevent your data loss?]

How to prevent data loss?

Unified policies for Networ, eDiscovery Endpoint and IRM

Feature GTB Inspector

GTB eDiscovery

GTB Rights Management

GTB Endpoint

GTB DLP Suite

Real-time network traffic inspection ● ●

Sensitive data-at-rest discovery ● ● ●

Removable devices inspection ● ● ●

Blocking leakage of the sensitive data ● ● ● ●

Pattern-based inspection ● ● ● ● ●

Structured data inspection (Recursive Transitional Gaps ™ Technology) ● ● ● ● ●

Unstructured data inspection (Recursive Transitional Gaps™ Technology) ● ● ● ● ●

SSL/TLS Inspection ● ●

Email notification and alerting ● ● ● ●

Active Directory integration ● ● ● ●

Security data encryption ● ● ● ●

Information usage policies support ● ● ●

Audit of the usage of the information ● ● ●

Email Encryption ●1 ●

Data classification ● ● ●

Antiphishing, Antivirus, spam and malware detection ● ●

Web Filtering ● ●

Easy deployment and maintenace ● ● ● ●

Centralized reporting (GTB Central Console) ● ● ● ●

GTB Enterprise DLP Suite Solution Matrix

The competition?

Others?

Feature / Functionality GTB Websense

Channel coverage - ability to BLOCK 　 　HTTP Server √ NoHTTP/HTTPS √ √HTTP Tunnel √ NoFTP √ NoFTP Server √ NoIM √ NoP2P √ NoSMTP Mail √ √SSL √ NoUnknown Protocols √ NoWebmail √ √SSH √ NoTelenet √ NoSFTP, SSMTP √ NoPOP3 √ NoPrinting √ √Fingeprinting √ √Central Policy Console √ √

Email Encryption supportVoltage, Zix, Sophos, Secureworks, Secure Computing, PostX, Tumbleweed, Symantec, Front bridge, Exchange, Positini,Perimeter

Voltage

Smart Host √ unknownSEIM integration √ √Workflow √ √ICAP support √ √

Proxy supportTMG, Blue Coat, Ironport, Squid,Webroot, Mcafee, others

TMG, Blue Coat, Squid

Endpoint protection √ √eDiscovery √ √

When will you start?

We provide…

High accuracy of detection and a full range of defense capabilities

Flexible data manipulation detection

The largest set of protocol support and file format independence

High efficiency and without interrupting the network status

Encryption is no longer an issue

Comprehensive policy framework for data protection

We are ready when you are!

WE MADE DLP

Live Product Demo

NOW YOU CAN GO TO THE BEACH