This Presentation addresses the following questions:
Who we are?
What is DLP?
Why say we are next generation?
Enterprise configuration?
How to prevent your data loss?
1. GTB DLP Suit
Content-aware
Security Suite
True DLP for Data Protection
Uzi Yair May 2012
2. AGENDA
• Who we are?
• What is DLP?
• Why say we are next generation?
• Enterprise configuration?
• How to prevent your data loss?
3. Who we are?
• Founded: 2005
• Ownership: Private and self funded
• Headquarter: Newport Beach, CA
– Development in Kiev, Ukraine
– International Office in Tel Aviv, Taipei, Kuala Lumpur, Tokyo, Kiev
• Security Segment: Data Loss Prevention + EDRM (IRM)
• Target verticals: Financial Institutions, Government, High Tech,
Healthcare
• Channel Partners: UK, Poland, Slovenia, Turkey, Italy, France,
Russia, Kenya, Taiwan, Philippines, Singapore, Japan, South
Korea, Malaysia, Mexico, Romania
• Named Accounts:
– Apple Computer
– American Greetings
– E2V Semi Conductor
– Citgo Oil Company
4. Who we are?
“GTB has primarily focused its efforts on
developing a product with strong
detection capabilities, and continues to
improve the overall user experience. It
has also achieved notable client wins in
the past 12 months, thereby increasing
its overall market presence. “
Gartner DLP MQ 2O11
6. What is DLP?
Who sent my data, and…
to who?
HTTP(S)
Desktops FTP
Laptops Data in Motion SMTP
Network Shares IM
(NTFS, NFS…) RDP
SharePoint VNC
Databases (via ODBC) SSL
Network Printer
Where is my data?
DATA Too many to list here
Data at Rest Data in Use
Cut / Copy
Paste Set access rights for
Print data usage
Print Screen
Access Files
Removable Media
7. What is DLP?
DLP Answers 5 questions:
Desktops
Laptops
Where is my data? Network Shares (NTFS, NFS…)
SharePoint
Databases
Trusted users
Intruders
Who is sending my data? Spyware
Viruses
PII
PHI
What data is sent? Source Code
Intel. Property
IP address
Who received my data? Email destination
Geographic location
Cut / Copy
Paste
Print
How do I protect my data? Print Screen
Access Files
Removable media
8. Why is GTB next generation DLP?
GTB Inspector for Network
GTB Central
GTB Endpoint GTB eDiscovery
Console
Protector to find your
control and
for endpoint end sensitive Data at
device control monitor all Rest
behavior
GTB IRM
Full content-aware Rights
Management System
9. Why is GTB Next Generation DLP?
HTTP(S)
FTP
SMTP
IM
Data in Motion Network Printer
SSL
Desktops RDP
Laptops VNC
Network Shares SSH
Webmail
(NTFS, NFS…) TCP on all ports
SharePoint DATA
Databases (via ODBC)
Data at Rest Data in Use
Cut / Copy
Paste
Print
Print Screen
Access Files
Removable Media
11. How to prevent your data loss?
Support multi-language content
MTA and Smart Host
filtering
Integration with any
Supports all file types
external proxy
Scan ports 0 to 65,535on all Enforces content-based
TCP channels policies based
Integrates with SEIM Alerts violators, Managers
Scalable with Load Balancing SSL Content Filtering
Redacts text from emails in
Educates users
real-time
Seamless integration with Quarantines email with user
email Encryption gateways remediation
Enforcement
Quaranti Severity
Log Block
ne Block
Pass actions
17. How to prevent data loss at the
Endpoints?
USB Drives
iPod, other mp3 players
CD/DVD
Firewire
SD cards
Floppy drives
Bluetooth
Wi-Fi
Other I/O devices
18. How to prevent data loss?
Endpoint Protector access control
Active Directory rules File rules Device rules
Entire domain rules File group rules Bus type
Group rules File type rules Device type
Computer rules Device drive name
Individual user rules Volume number
19. How to prevent data loss?
Endpoint Protector Enforcement actions
BLOCK
LOG
SHADOW
ENCRYPT
Endpoint Protector reporting
Built in Table reports
Built in Crystal reports
Central Console reports
20. How to prevent your data loss?
Features Benefits
Agent Based solution Scans thousands of computers at same
time with no performance degradation
High performance Network friendly
Protects all file formats (binary/text) Secures all content including Source
Code, Audio, Video and text files
Protects database records & fields Ensures regulatory compliance
Virtually zero false positive rate Highest precision
Insures absence of violations No false negatives
Automatic or manual discovery Non-stop data protection
Customized data type definition Discovers data unique to your business
Unattended operation Maintenance free
21. How to prevent your data loss?]
Different Rights
Various View Edit Print Copy/Paste Time Location
Users Limit
USER 1 Office
USER 2 1-5
Jan
Usage Rights Matrix
USER 3
USER 4 Office
Examples of protected files Representative form of Usage Rights Matrix
… & other
combinations
View only View & Edit only
Seclore Policy Server (PS) only
View & Distribute View & Print only
22. How to prevent data loss?
Unified policies for Network, eDiscovery Endpoint and IRM
23. GTB Enterprise DLP Suite Solution Matrix
GTB GTB GTB Rights GTB GTB DLP
Feature
Inspector eDiscovery Management Endpoint Suite
Real-time network traffic inspection √ √
Sensitive data-at-rest discovery √ √ √
Removable devices inspection √ √ √
Blocking leakage of the sensitive data √ √ √ √
Pattern-based inspection √ √ √ √ √
Structured data inspection (Recursive Transitional Gaps ™ Technology) √ √ √ √ √
Unstructured data inspection (Recursive Transitional Gaps™
Technology)
√ √ √ √ √
SSL/TLS Inspection √ √
Email notification and alerting √ √ √ √
Active Directory integration √ √ √ √ √
Security data encryption √ √ √ √ √
Information usage policies support √ √ √
Audit of the usage of the information √ √ √
Email Encryption √ √
Data classification √ √ √
Antiphishing, Antivirus, spam and malware detection √ √
Web Filtering √ √
Easy deployment and maintenace √ √ √ √
Centralized reporting (GTB Central Console) √ √ √ √
25. Others?
Feature / Functionality GTB Websense
Channel coverage - ability to BLOCK
HTTP Server √ No
HTTP/HTTPS √ √
HTTP Tunnel √ No
FTP √ No
FTP Server √ No
IM √ No
P2P √ No
SMTP Mail √ √
SSL √ No
Unknown Protocols √ No
Webmail √ √
SSH √ No
Telenet √ No
SFTP, SSMTP √ No
POP3 √ No
Printing √ √
Fingeprinting √ √
Central Policy Console √ √
Voltage, Zix, Sophos, Secureworks, Secure
Email Encryption support Computing, PostX, Tumbleweed, Symantec, Front Voltage
bridge, Exchange, Positini,Perimeter
Smart Host √ unknown
SEIM integration √ √
Workflow √ √
ICAP support √ √
TMG, Blue Coat, Ironport, Squid,Webroot,
Proxy support TMG, Blue Coat, Squid
Mcafee, others
Endpoint protection √ √
eDiscovery √ √
26. When will you start?
High accuracy of detection and a full range of defense capabilities
Flexible data manipulation detection
The largest set of protocol support and file format independence
High efficiency and without interrupting the network status
Encryption is no longer an issue
Comprehensive policy framework for data protection