Monitorium DLP

606 views

Published on

Data Loss Prevention system based on DPI network traffic analysis

Published in: Technology
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total views
606
On SlideShare
0
From Embeds
0
Number of Embeds
26
Actions
Shares
0
Downloads
5
Comments
0
Likes
0
Embeds 0
No embeds

No notes for slide

Monitorium DLP

  1. 1. Data Loss Prevention DLP SystemMonitorium
  2. 2. Monitorium•  Protects confidential information and documents from theft or accidental loss through internet transmission•  Monitors and analyzes content of outgoing IP traffic•  Detects and blocks security violating traffic•  Can limit corporate network users’ access to Internet resources•  Different and complimentary to firewall and antivirus: –  Protects “content”, not PC hardware or internal network –  Protects against internal threats
  3. 3. Network installation
  4. 4. System characteristics•  Deep Packet Inspection (DPI) bases Level 7 network analysis system•  Supported protocols: HTTP, FTP, TELNET, SMTP/POP/IMAP•  Applications: –  Webmail (Yandex, Mail.ru, Gmail, Rambler) –  IM (ICQ, Jabber, gtalk, mail.ru agent)•  File formats: –  txt, rtf, Microsoft Office (.doc, .xls, .docx, .xlsx), pdf, html, XML, ps, zip, gz, 7z, rar, tar, bzip•  Content analysis: linguistic, regular expressions, dictionaries, fingerprints, keyword matching, window hashing, stat. analysis•  Supported languages: Russian, English
  5. 5. Analyzed information•  Message sender address: MAC / IP address•  Message receiver address: IP address, hostname•  Message headers: –  Page url (www address, domain/host name) –  email address –  ICQ user name•  Message content: –  Search queries –  Blog, forum, social network posts –  Email texts –  IM chat texts –  Content of attached documents and archives
  6. 6. Interface: Event monitor
  7. 7. Security rules
  8. 8. Reports and statistics
  9. 9. Advantages of Trafica DLP system•  Real time protection and alerts•  Full content analysis•  Multiple monitoring points•  Easy network installation•  Detailed reports engine•  Full text incidents archive search•  Designed to be used by non-technical staff
  10. 10. Trafica LLC•  Founded 2008•  Central office in Moscow•  15 people•  Email: info@trafica.ru

×