Data Loss Prevention

The Check Point DLP Software Blade combines technology and processes to revolutionise Data Loss Prevention (DLP), helping businesses to pre-emptively protect sensitive information from unintentional loss, educating users on proper data handling policies and empowering them to remediate incidents in real-time.

 

Tab 1

DLP Features

Check Point UserCheck empowers users to remediate incidents in real time.

This innovative technology alerts users of suspected breaches for instant remediation and allows quick authorisation of legitimate communications. UserCheck improves security and raises awareness of data use policies by empowering users to self-administer incident handling - with options to send, discard or review the issue. Notifications occur in real-time via a pop-up from a thin agent or via a dedicated email sent to the end-user (no need to install agent).

Organisations benefit in several ways:

  • Full prevention - enables a practical move from detection to data loss prevention
  • Self-educating system - educates and alerts users without involving IT/security personnel

The innovative Check Point MultiSpect data classification engine combines users, content and process into accurate decisions, to deliver exceptionally high accuracy in identifying sensitive information. Check Point DLP delivers exceptionally high accuracy in identifying sensitive data including Personally Identifiable Information (PII), compliance-related data (HIPAA, SOX, PCI, etc.) and confidential business data.

This is achieved through the MultiSpect technology, a strong 3-tier inspection engine that:

  • Offers multi-parameter data classification and correlation - Multi-protocol inspection and enforcement inspects content flows and enforces policies in the most widely used TCP protocols including: SMTP, FTP, HTTP and webmail. Pattern matching and file classification allows for the identification of content types regardless of the extension applied to the file or compression.
  • Recognises and protect sensitive forms - Includes file/ form matching (based on predefined templates)
  • Identifies unconventional business communication behavior - Establish out-of-the-box best practice policies

In addition, an open scripting language is available for creating custom data types. This unique flexibility provides virtually unlimited support for protecting sensitive data.

Network-wide Protection Coverage

The Check Point DLP Software Blade is an in-line, advanced data loss prevention solution for data transmitted over networks. It offers wide coverage of traffic transport types, including deep application awareness that protects data in motion. The Check Point DLP Software Blade is an in-line, advanced data loss prevention solution for data transmitted over networks. It offers wide coverage of traffic transport types, including deep application awareness that protects data in motion, such as SMTP, HTTP and FTP data. DLP policies are created to define what to prevent and how to prevent it, by policy, by network segment, by gateway and by user-group.

Central Policy Management

DLP Software Blades are centrally managed with Check Point security management via a user-friendly interface. Unified access policies are enforced automatically in the distributed environment, empowering users to securely provision access from anywhere. DLP Software Blades are centrally managed with Check Point security management via a user-friendly interface. Centralized management offers unmatched leverage and control of security policies and enables organizations to use a single repository for user and group definitions, network objects, access rights and security policies across their entire security infrastructure. Unified access policies are enforced automatically throughout the distributed environment, empowering them to securely provision access from anywhere. Unified policy deployment across multiple gateways controls enforcement actions per policy; i.e. detect (log only), or quarantine (self-incident handling). Policy management includes the following features and options:

  • Selection of data type(s) and user group(s) - also using Active Directory
  • Enable exceptions - allowed users
  • Traffic direction - enforce on outbound or inter-departmental traffic
  • Pre-defined policies and content data types
  • Incremental exposure of specific policies per different user groups
  • Integrated logging and event correlation
  • Customisation of internal quarantine
  • Granular protection control - easy-to-use protection profiles allow administrators to define signature and protection activation rules that match the security needs of their network assets
  • Predefined default and recommended profiles - provides immediate and easy out-of-the-box use with profiles tuned to optimise security or performance.

Event Management

Separating the needle from the haystack, SmartEvent for DLP monitors and reports only what is important and offers: real-time and history graphing, incident correlation, graphical incident timelines, custom views, event/incident management workflow. Separating the needle from the haystack, SmartEvent for DLP monitors and reports only what is important. Event management includes the following features and options:

  • Real-time and history graphing and reporting of DLP events
  • Easy incident correlation
  • Graphical incident timelines
  • Easily configured custom views
  • Event/incident management workflow

Rapid and Flexible Deployment

Organisations of any size can be protected from the start with pre-configured templates for immediate data loss prevention. A wide range of built-in policies and rules are included for common requirements, including regulatory compliance, intellectual property and acceptable use. The Check Point DLP Software Blade can be installed on any Check Point security gateway (based on Check Point appliances or open server platforms). Deploy easily and rapidly on existing Check Point security gateways, saving time and reducing costs by leveraging existing security infrastructure. In addition, a full range of powerful and highly scalable DLP-1 Appliances are available to align with any network security requirements.

Integrated into Check Point Software Blade Architecture

The DLP Software Blade is fully integrated into the Software Blade architecture, saving time and reducing costs by allowing customers to quickly expand security protections to meet changing requirements. It can be easily and rapidly activated on existing Check Point Security Gateways (Check Point appliances including UTM-1, Power-1 and IAS Appliances, or open server platforms) saving time and reducing costs by leveraging existing security infrastructure.

Pre-emptive data loss prevention for critical business information

  • UserCheck technology allows for real-time user remediation
  • MultiSpect combines users, content and process for unrivaled accuracy
  • Educates and alerts users without involving IT/security personnel

Easy DLP deployment and simplified management

  • Centralised management of security policy via a single console
  • Pre-configured policies allow for immediate data loss prevention
  • Broadest support for file formats and data types

Integrated into Check Point Software Blade Architecture

  • Activate DLP on any Check Point security gateway
  • Powerful and highly scalable dedicated DLP-1 appliances also available
  • Supported gateways include: UTM-1, Power-1 and IAS Appliances