The ability to separate control levels

[rakhirhif8963]

In this scenario, a good balance of opportunities and risks is achieved: the risks associated with blocking are delegated to agents on protected computers, while the tasks of monitoring network traffic and detecting security events across the entire network are entrusted to the EtherSensor server.

If we go further, we can consider - and quite easily implement! - the most powerful scenario for using a modern hybrid DLP system, when in addition to (monitoring and blocking data transfer) between the agent and the server of the DeviceLock DLP DLP system, a selective approach is added for different users and user groups, or for different computers and computer groups.

In this variant, full-featured DeviceLock agents perform all DLP functions (access control, logging, alarm notifications) directly and only on protected workstations and only for specified users and user groups. Network activity of users and groups that require free access to various network communication channels to perform business tasks is monitored by the EtherSensor server by intercepting and analyzing network traffic at the perimeter level.

This scenario is also extremely productive for greece mobile database so-called risk groups, when special sets of policies for DLP control of various accounts are created on DeviceLock agents, and switching of the applied policies is performed in real time by including such users in a user group corresponding to a particular risk group.

In any scenario of simultaneous use of the DeviceLock EtherSensor server module in combination with the Endpoint components of the DeviceLock DLP complex in the hybrid DLP system mode, a unique opportunity opens up to create flexible DLP policies with different levels of control and response to events. Simultaneous use of two different DLP architectures (network and agent) for monitoring network traffic significantly increases the reliability of the solution to the problem of preventing and detecting information leaks.