Data Loss Prevention DLP System

Monitorium

Monitorium

•  Protects confidential information and documents from theft or accidental loss through internet transmission

•  Monitors and analyzes content of outgoing IP traffic •  Detects and blocks security violating traffic •  Can limit corporate network users’ access to Internet

resources

•  Different and complimentary to firewall and antivirus: –  Protects “content”, not PC hardware or internal network –  Protects against internal threats

Network installation

System characteristics

•  Deep Packet Inspection (DPI) bases Level 7 network analysis system

•  Supported protocols: HTTP, FTP, TELNET, SMTP/POP/IMAP •  Applications:

–  Webmail (Yandex, Mail.ru, Gmail, Rambler) –  IM (ICQ, Jabber, gtalk, mail.ru agent)

•  File formats: –  txt, rtf, Microsoft Office (.doc, .xls, .docx, .xlsx), pdf, html,

XML, ps, zip, gz, 7z, rar, tar, bzip •  Content analysis: linguistic, regular expressions, dictionaries,

fingerprints, keyword matching, window hashing, stat. analysis •  Supported languages: Russian, English

Analyzed information

•  Message sender address: MAC / IP address •  Message receiver address: IP address, hostname •  Message headers:

–  Page url (www address, domain/host name) –  email address –  ICQ user name

•  Message content: –  Search queries –  Blog, forum, social network posts –  Email texts –  IM chat texts –  Content of attached documents and archives

Interface: Event monitor

Security rules

Reports and statistics

Advantages of Trafica DLP system •  Real time protection and alerts •  Full content analysis •  Multiple monitoring points •  Easy network installation •  Detailed reports engine •  Full text incidents archive search •  Designed to be used by non-technical staff

Trafica LLC •  Founded 2008 •  Central office in Moscow •  15 people •  Email: info@trafica.ru