DEVICE LOCK DLP SUITE

DeviceLock DLP Suite consists of five modules that protect your organization from data leak threats:

DeviceLock provides network administrators the ability to set and enforce contextual policies for how, when, where to, and by whom data can or can’t be moved to or from company laptops or desktop PCs via devices like phones, digital cameras, USB sticks, CD/DVD-R, tablets, printers or MP3 players. In addition, policies can be set and enforced for copy operations via the Windows Clipboard, as well as screenshot operations on the endpoint computer.

NetworkLock adds contextual-level control of user network communications via the Internet through such means as: company email, personal webmail, instant messaging services, social networks (like Facebook, Google+, Twitter), web surfing, FTP file transfers, as well as cloud-based file sharing services like Dropbox, SkyDrive and Google Drive.

ContentLock adds the capability to look inside files and other data objects (like emails and webmails, chats, blog posts, etc.) for sensitive information like social security numbers, credit card numbers, bank account numbers or other user-definable information and to make block-or-allow decisions based on policies having to do with file contents.

Discovery is a separately licensed component, which helps network administrators and security personnel locate certain types of content stored within and outside the limits of the corporate network. Discovering unwanted content is essential when trying to protect the company’s intellectual property, control employee activities and administer computer networks.

Search Server is an optional separately licensed component, which provides full-text searching of logged data. The full-text search functionality is especially useful in situations when you need to search for shadow copies of documents based on their contents.

The combination of all of these modules working together is the DeviceLock DLP Suite. The DLP Suite provides protection against local and network data leaks at the endpoint (laptop, desktop or server) via a wide array of threat vectors.

These include: iPhones, Androids, BlackBerry, other smart-phones, iPods, iPads, digital cameras, Wi-Fi, Bluetooth, FireWire, social media, IM, webmail, company email, printing, CD or DVD ROM, USB flash drives, Compact Flash, FTP/FTPS, HTTP/HTTPS and the clipboard.

Natively integrated with Microsoft Active Directory Group Policy, the DeviceLock DLP Suite is very easy and straight-forward to install and configure. Typical installations are handled by Microsoft Network Administrators and do not require expensive, specially trained resources.

The other great customer benefit of DeviceLock’s tight integration with Active Directory is that it gives the solution virtually limitless scalability. The DeviceLock DLP Suite can effortlessly run on every endpoint listed in your Active Directory database … even if there are tens of thousands.

DEVICELOCK DISCOVERY STOPS DATA BREACHES

A functional component of the DeviceLock DLP Suite, DeviceLock Discovery enables organizations to gain visibility and control over confidential “data at rest” stored across their IT environment in order to proactively prevent data breaches and achieve compliance with regulatory and corporate data security requirements.

By automatically scanning data residing on network shares, storage systems, and endpoint computers inside and outside of the corporate network, DeviceLock Discovery locates documents with exposed sensitive content, provides options to protect them with remediation actions, and can initiate incident management procedures by sending real-time alerts to Security Information and Event Management (SIEM) systems used in the organization.

Depending on the network topology and other specifics of the protected IT environment, DeviceLock Discovery can perform scans in several modes: agentless, agent-based, and mixed scanning.

DeviceLock Discovery scans can be initiated by administrators manually or can be configured to run on a schedule. DeviceLock Discovery Agents can be remotely installed on and removed from target computers by the DeviceLock Discovery Server in a fully automatic process that is transparent to end users.

CONTENT DETECTION

DeviceLock Discovery inspects textual data in more than 120 file formats and more than 40 types of nested archives. For identifying confidential content, DeviceLock Discovery uses structured data detection methods like keyword matching and regular expressions (RegExp). To ease the task of specifying content filters, the product ships with hundreds of pre-built industry-specific and country-specific keyword dictionaries, as well as RegExp templates for common sensitive information types, such as Social Security Numbers, credit cards, bank accounts, addresses, driving licenses, etc. In addition, customers can develop their own keyword dictionaries and templates, as well as modify pre-built ones for customized filtering needs.

The accuracy of content detection is increased by morphological analysis of keywords in English, French, German, Italian, Portuguese, Russian, Spanish, and Catalan Spanish.

Validated File Type Detection (more than 5300 file types are recognized) is another content-aware method that can be used in DeviceLock Discovery independently or in combination with textual content inspection. A binary content signature-based method is used to detect the verified file type regardless of its extension or header.

In addition to content discovery in textual-based data objects, a built-in optical character recognition (OCR) engine allows DeviceLock Discovery to extract and inspect textual data from pictures in documents and graphical files of many image formats. With 26 languages recognized, DeviceLock keyword dictionaries and regular expressions used to improve recognition, and dozens of other advanced features supported, this highly efficient OCR engine gives DeviceLock customers the ability to discover and protect exposed confidential data in information assets presented in graphical form. The distributed OCR architecture tremendously improves the overall performance of the solution, primarily because the graphical objects stored on endpoints can be scanned and inspected locally by Agent-resident OCR modules, thus significantly decreasing any load on the Discovery Server and reducing the scan traffic in the corporate network.

REMEDIATION ACTIONS

Once confidential content has been detected in a file stored in the wrong place, the following preventive actions can be enforced to remediate the exposure:

  • Delete

  • Safe Delete

  • Delete Container (if a violation is found in a file inside the container/archive)

  • Set Permissions (for NTFS files)

  • Log

  • Alert

  • Notify User

  • Encrypt (with EFS for NTFS files only)

BRING YOUR OWN DEVICE (BYOD) ENVIRONMENT

DeviceLock’s Virtual DLP feature extends the reach of DeviceLock data leak prevention capabilities to a variety of virtual computing solutions. These include session-based and streamed desktops and applications, as well as local virtual machines on hypervisors. Supported desktop and application virtualization solutions from major vendors include: Microsoft RDS, Citrix XenApp, Citrix XenDesktop and VMware View.

Virtual DLP complements the inherent capabilities of these solutions to isolate virtual and host environments by providing a comprehensive set of contextual and content filtering policies. These policies are enforced over data flows between centrally hosted virtual desktops or applications and redirected peripheral devices of remote terminal endpoints including drives, printers, USB ports and the clipboard. In addition, user network communications from within the terminal session can be controlled by the DeviceLock DLP mechanisms. Centralized event logging and data shadowing are also fully supported for all Virtual DLP scenarios.

As a result, by using the DeviceLock Endpoint DLP Suite in BYOD implementations based on virtualization platforms from Microsoft, Citrix, VMware and others, organizations can fully control virtual corporate environments on employees’ personal devices. In addition they can monitor, inspect and filter the content of all data exchanges between the protected virtual workspace and the personal part of the BYOD device, its local peripherals and the network – i.e., all those destinations outside of the corporate border that should be treated as insecure. DeviceLock Virtual DLP controls enforced on the edge of virtual platforms ensure that data from the corporate IT environment and the host BYOD environment are not intermingled. All necessary business-related data exchanges between the two environments are allowed based on least-privilege DLP policies, and employees maintain full control over the device platform, personal applications and their private data. In addition, the employee remains fully responsible for the device maintenance and support, which provides a distinct advantage over the conventional BYOD approach whereby the enterprise can be responsible for causing problems with the personal device and its owner’s private data.

Best of all, the DLP protection delivered by Virtual DLP to BYOD solutions based on desktop and application virtualization is universal and works for all types of BYOD devices. These can include mobile platforms, such as iOS, Android and WindowsRT, thin terminal clients with Windows CE, Windows XP Embedded or Linux, as well as any computers that run OS X, Linux or Windows. Organizations standardized on any virtualization platform for their BYOD strategies will benefit greatly from deploying the DeviceLock Endpoint DLP Suite, since it is the most effective, straight-forward and affordable way of implementing comprehensive endpoint DLP services for any type of BYOD devices.

DEVICELOCK ENDPOINT DLP SUITE - COMPREHENSIVE FEATURES LIST

Devices Access Control. Administrators can control which users or groups can access USB, FireWire, Infrared, COM and LPT ports; WiFi and Bluetooth adapters; any type of printer, including local, network and virtual printers; Windows Mobile, BlackBerry, MTP-enabled devices (such as Android, Windows Phone, etc.), iPhone and Palm OS-based PDAs and smartphones; Terminal Services devices; as well as DVD/BD/CD-ROMs, floppy drives, and other removable and Plug-and-Play devices. It's possible to set devices in read-only mode and control access to them depending on the time of day and day of the week.

Network Communications Control. The NetworkLock module adds comprehensive contextual control over Windows endpoint network communications including network protocols, web applications and listed Instant Messenger applications like Skype. Regular and SSL-tunneled email communications (SMTP, Exchange-MAPI and listed webmail services) are controlled with messages and file attachments handled and filtered separately. NetworkLock also controls web access and other HTTP-based applications with the ability to extract the content from encrypted HTTPS sessions. Web applications, social networks, cloud-based file sharing web access and webmail services are secured separately from the HTTP control for easier configuration, while supported sites, email addresses and sender/recipient IDs can be whitelisted for approved users within NetworkLock. See the Product Specifications section for a list of supported webmail services, social networks, cloud-based file sharing services and instant messengers controlled by NetworkLock.

Content Filtering. Extending DeviceLock and NetworkLock capabilities beyond contextual security, the ContentLock module can analyze and filter the textual content of data copied to removable media drives, to other Plug-n-Play storage devices, to the clipboard, data sent for printing and even data that might otherwise be hidden in screen prints, graphical files or pictures embedded in documents. ContentLock also filters data objects and sessions from within network communications. These include email, web access and popular HTTP-based applications like web mail services, social networks, cloud-based file sharing services, instant messengers, file attachments, web forms/posts, and FTP file transfers. The content analysis engine can extract textual data from more than 160 file formats and data types and then apply effective and reliable content filtering methods based on pre-built templates of Regular Expression (RegExp) patterns, industry-specific keyword filters (HIPAA, PCI, etc.), document meta properties, verified file types and more. Content detection templates can be modified with numerical threshold conditions and/or combined with Boolean logic operators (AND/OR/NOT) for unmatched flexibility of control.

Host-Resident OCR. Complementing content filtering of textual-based data objects, a built-in optical character recognition (OCR) engine allows DeviceLock DLP to quickly, efficiently and accurately extract and inspect textual data from pictures in documents and graphical files of many image formats. With 30+ languages recognized, this highly efficient OCR engine uses regular expressions, keyword dictionaries, and other advanced methods to improve recognition and deliver the ability to discover and protect exposed confidential data in information assets presented in graphical form. Unique to DeviceLock DLP is that the OCR module runs in each of its enforcement oriented components: DeviceLock Agent, DeviceLock Discovery Server and DeviceLock Discovery Agent. This distributed OCR architecture tremendously improves the overall performance of the solution, because the graphical objects stored on endpoints can be scanned and inspected by local host-resident OCR modules, which in turn significantly decreases the load to the Discovery Server, as well as reducing the “scan” traffic on the corporate network.

Content Discovery. DeviceLock Discovery enables organizations to gain visibility and control over confidential “data-at-rest” stored across their IT environment in order to proactively prevent data breaches and achieve compliance with regulatory and corporate data security requirements. By automatically scanning data residing on network shares, storage systems and Windows endpoint computers inside and outside of the corporate network, DeviceLock Discovery locates documents with sensitive content and provides options to remediate them, as well as initiate incident management procedures with real-time alerts to SIEM systems and data security personnel. By using the full set of ContentLock features that now include OCR capabilities, DeviceLock can discover textual data in more than 120 file formats and 40 types of nested archives, as well as within pictures in documents and graphical files. Depending on the network topology and specifications, DeviceLock Discovery can perform scans in agentless, agent-based and mixed scanning modes. The scans can be initiated manually or configured to run on a schedule while targeting corporate computers, network shares and storage systems in the organization. DeviceLock Discovery Agents can be remotely installed on and removed from target computers by DeviceLock Discovery Server in a fully automatic and transparent manner. When used together with other DeviceLock DLP components, DeviceLock Discovery can also utilize the built-in discovery capabilities of DeviceLock Agents for scanning data stored on their host computers and accessible network shares.

Tamper Protection. The configurable 'DeviceLock Administrators' feature prevents tampering with DeviceLock policy settings locally on Windows and Apple OS even by users with local system administration privileges. With this feature activated, only designated DeviceLock administrators working from a DeviceLock console or Group Policy Object (GPO) Editor can uninstall or upgrade the agent or modify DeviceLock policies in any way.

 

Active Directory Group Policy Integration. DeviceLock’s primary console integrates directly with the Microsoft Management Console (MMC) Active Directory (AD) Group Policy interface. As Group Policy and MMC-style interfaces are completely familiar to AD administrators, there is no proprietary interface to learn or training classes needed to effectively manage endpoint DLP policies centrally. The mere presence of the DeviceLock MMC snap-in console on a Group Policy administrator’s computer allows for direct integration into the Group Policy Management Console (GPMC) or the Active Directory Users & Computers (ADUC) console without any scripts, ADM templates, or schema changes whatsoever. Administrators can dynamically manage both Windows and Apple OS endpoint settings right along with their other Group Policy–automated tasks. Absent a Group Policy environment, DeviceLock also has classic Windows consoles and a web browser console that can centrally manage agents on any Novell, LDAP, or 'workgroup' IP network of Windows computers. XML-based policy templates can be shared across all DeviceLock consoles.

True File Type Control. Administrators can selectively grant or deny access to over 4,300 specific file types for removable media. When a file type policy is configured, DeviceLock will look into a file’s binary content to determine its true type (regardless of file name and extension) and enforce control and shadowing actions per the applied policy. For flexibility, Content-Aware Rules for file types can be defined on a per-user or per-group basis at the device/protocol type layer. True file type rules can also apply to pre-filtering of shadow copies to reduce the volume of captured data.

Clipboard Control. DeviceLock enables administrators to effectively block data leaks at their earliest stage—when users deliberately or accidentally transfer unauthorized data between different applications and documents on their local computer through the Windows clipboard and print-screen mechanisms. DeviceLock can selectively control user/group access to objects of different data types that are copied into the clipboard. These types include files, textual data, images, audio fragments (i.e. captured with Windows Sound Recorder), and even data of "unidentified" types. In addition, content of textual data copied via the clipboard can be monitored and filtered. DeviceLock DLP separately, independently and uniquely protects and filters clipboard operations when redirected to a remote BYOD device in a terminal session to provide Virtual DLP. To prevent one of the oldest methods of data theft, screenshot operations can be blocked for specific users/groups. These include the Windows PrintScreen keyboard function, and the screen capture features of third-party applications. If screenshots are allowed contextually by policy, ContentLock’s advanced OCR content inspection can filter the textual content of captured screen images according to DLP policies.

USB White List. Allows you to authorize a specific model of device to access the USB port, while locking out all others. You can even "White List" a single, unique device, while locking out all other devices of the same brand and model, as long as the device manufacturer has supplied a suitable unique identifier, such as a serial number.

 

Media White List. Allows you to authorize access to specific DVD/BD/CD-ROM disks, uniquely identified by data signature, even when DeviceLock has otherwise blocked the DVD/BD/CD-ROM drive. A convenience when DVD/BD/CD-ROM disks are routinely used for the distribution of new software or instruction manuals, Media White Listing can also specify allowed users and groups, so that only authorized users are able to access the contents of the DVD, Blu-ray or CD-ROM.

Temporary White List. Allows granting temporary access to a USB-connected device by the issuing of an access code, rather than through regular DeviceLock permission setting/editing procedures. Useful when permissions need to be granted and the system administrator has no network connection; for example, in the exceptional case of accommodating a sales manager who calls in with a request for USB access when working outside the company's network.

Protocols White List. Allows you to specify whitelist-oriented policies by IP address, address range, subnet masks, network ports and their ranges.

Auditing. DeviceLock's auditing capability tracks user and file activity for specified device types, ports and network resources on a local computer. It can pre-filter audit activities by user/group, by day/hour, by port/device/protocol type, by reads/writes, and by success/failure events. DeviceLock employs the standard event logging subsystem and writes audit records to a Windows Event Viewer log with GMT timestamps. Logs can be exported to many standard file formats for import into other reporting mechanisms or products. Also, audit records can be automatically collected from remote computers and centrally stored in SQL Server. Even users with local admin privileges can't edit, delete or otherwise tamper with audit logs set to transfer to DeviceLock Enterprise Server.

 

 

Shadowing. DeviceLock’s data shadowing function can be set up to mirror all data copied to external storage devices, printed, or transferred over the network and through serial and parallel ports. DeviceLock can also split ISO images produced by CD/DVD/BD burners into the original separated files upon auto-collection by the DeviceLock Enterprise Server (DLES). A full copy of the files can be saved into the SQL database or to a secure share managed by the DLES. Shadowing activities can be pre-filtered just like regular auditing to narrow down what is collected. DeviceLock’s audit and shadowing features are designed for efficient use of transmission and storage resources with stream compression, traffic shaping for quality of service (QoS), performance/quota settings, and automated optimal DLES server selection. ContentLock’s content filtering technology makes DeviceLock’s data shadowing feature even more efficient, scalable and intelligent. Content-based data shadowing is supported for all endpoint data channels including removable and plug-and-play storage devices, network communications, local synchronizations with supported smartphones and document printing. Incoming and/or outgoing transmissions can be conditionally shadowed. By pre-filtering the content of potentially large data objects before shadowing to the log, DeviceLock downsizes the streams to just those objects that contain information meaningful for post-analysis tasks like security compliance auditing, incident investigations, and cyber-forensics.

Alerting. DeviceLock provides both SNMP and SMTP based alerting capabilities driven by DeviceLock DLP endpoint events for real time notification of sensitive user activities on protected endpoints on the network.

Mobile Device Local Sync Control. Administrators can use DeviceLock's patented Local Sync control technology to set granular access control, auditing, and shadowing rules for data that Microsoft Windows Mobile®, Apple iPhone®/iPad®/iPod touch® or Palm® mobile devices exchange through local synchronizations with Windows endpoints. Permissions are uniquely granular and define which "types" of mobile device data (files, pictures, emails, contacts, calendars, etc.) specified users/groups are allowed to synchronize between managed endpoints and personal mobile devices regardless of the connection interface. Presence detection, access control and event logging for Android®, Windows Phone and other MTP devices, as well as BlackBerry® smartphones, are specifically supported at the device type level.

Printing Security. DeviceLock puts local and network printing from Windows endpoints under the strict control of administrators. By intercepting Print Spooler operations, DeviceLock enables administrators to centrally control user access and content of printed documents sent to local, network, and even virtual printers from DeviceLock-protected endpoints. In addition, for USB-connected printers, specified printer vendor models and/or unique printer device IDs can be allowed for designated users and groups. Printing events can be logged and the actual print job data can be shadow-copied in searchable PDF format, collected, and stored centrally for audit and post-analysis.

Network-Awareness. Administrators can define different online vs. offline security policies for the same user account. A reasonable and often necessary setting on a mobile user’s laptop, for example, is to disable WiFi when docked to the corporate network and enable it when undocked.

Removable Media Encryption Integration. DeviceLock takes an open integration approach to encryption of data uploaded to removable media. Customers have the option of using the encryption solution that best fits their security scenarios among best-of-breed technologies that include: Windows BitLocker To Go™, Apple OS X FileVault, PGP® Whole Disk Encryption for standard FIPS-certified encryption; TrueCrypt® for free Open Source encryption; SafeDisk®, SecurStar® DriveCrypt Plus Pack Enterprise (DCPPE) software; and Lexar Media’s S1100/S3000 series USB flash drives for pre-encrypted removable media. In addition, any pre-encrypted USB media can be selectively whitelisted with usage strictly enforced. DeviceLock allows for discrete access rules for both encrypted and unencrypted partitions of such media.

Search Server. DeviceLock Search Server provides full-text searching of logged data stored on DeviceLock Enterprise Server. You can use full-text searches to find data that you cannot find by filtering data in the log viewers. The full-text search functionality is especially useful in situations when you need to search for shadow copies of documents based on their contents. DeviceLock Search Server can automatically recognize, index, search and display documents in many formats, such as: Adobe Acrobat (PDF), Ami Pro, Archives (GZIP, RAR, ZIP), Lotus 1-2-3, Microsoft Access, Microsoft Excel, Microsoft PowerPoint, Microsoft Word, Microsoft Works, OpenOffice (documents, spreadsheets and presentations), Quattro Pro, WordPerfect, WordStar and many others.

 

Virtual DLP for BYOD Devices. DeviceLock's Virtual DLP features provide the ability to protect any BYOD device against insider data leaks when using leading desktop and application virtualization solutions like Citrix XenApp/XenDesktop, Microsoft RDS and VMware Horizon View. Running on a VDI Host or Terminal Server, DeviceLock "remotes" contextual and content-aware endpoint DLP controls to the connected remote BYOD device to create a virtual endpoint DLP agent that prevents uncontrolled data exchanges to local peripherals, hosted applications and network connections of the BYOD device while "in session". This approach unifies DeviceLock DLP across physical and virtual Windows and BYOD environments.

EXTENDED DEVICELOCK® FUNCTIONS


Anti-keylogger. DeviceLock detects USB keyloggers and blocks keyboards connected to them. Also, DeviceLock obfuscates PS/2 keyboard input and forces PS/2 keyloggers to record garbage instead of the real keystrokes.

 

Monitoring. DeviceLock Enterprise Server can monitor remote computers in real-time, checking DeviceLock Service status (running or not), policy consistency and integrity. The detailed information is written to the Monitoring log. Also, it is possible to define a master policy that can be automatically applied across selected remote computers in the event that their current policies are suspected to be out-of-date or damaged.

 

RSoP Support. You can use the Windows standard Resultant Set of Policy snap-in to view the DeviceLock policy currently being applied, as well as to predict what policy would be applied in a given situation.

 

Batch Processing. Allows you to define settings for a class of similar computers with similar devices (e.g. all computers have USB ports and CD-ROMs) across a large network in a fast and consistent manner. DeviceLock Service can be automatically installed or updated on all the computers in a network using DeviceLock Enterprise Manager.

Graphical Reporting. DeviceLock can automatically generate graphical reports based on audit and shadow logs.

Permissions Report. Allows you to generate a report displaying the permissions and audit rules that have been set on all the computers across the network.

 

Report Plug-n-Play Devices. Allows you to generate a report displaying the USB, FireWire and PCMCIA devices currently connected to computers in the network and those that were historically connected.

 

Traffic Shaping. DeviceLock allows you to define bandwidth limits for sending audit and shadow logs from DeviceLock Service to DeviceLock Enterprise Server. This Quality of Service (QoS) feature helps reduce the network load.

Stream Compression. You can instruct DeviceLock to compress audit logs and shadow data pulled from endpoints by DeviceLock Enterprise Server service. Doing this decreases the size of data transfers and thus reduces the network load.

Optimal Server Selection. For optimal transfer of audit and shadow logs, DeviceLock Services can automatically choose the fastest available DeviceLock Enterprise Server from a list of available servers.

 

 

 

SPECIFICATIONS


Version Information and System Requirements

  • Version: 8.1.64652

  • Agents: Windows NT/2000/XP/Vista/7/8/8.1/10/Server 2003-2012 R2 (32/64-bit); Apple OS X 10.6.8/10.7/10.8/10.9/10.10/10.11 (32/64-bit); Microsoft RDS, Citrix XenDesktop/XenApp, Citrix XenServer, VMware Horizon View; VMware Workstation, VMware Player, Oracle VM VirtualBox, Windows Virtual PC; CPU Pentium 4, 512MB RAM, HDD 400MB

  • Consoles: Windows 2000/XP/Vista/7/8/8.1/10/Server 2003-2012 R2 (32/64-bit); CPU Pentium 4, 512MB RAM, HDD 1GB

 

  • DeviceLock Enterprise Server, DeviceLock Discovery Server, DeviceLock Search Server: Windows Server 2003-2012 R2 (32/64-bit), Microsoft RDS, Citrix XenServer, VMware vSphere Desktop; 2xCPU Intel Xeon Quad-Core 2.33GHz, RAM 8GB, HDD 800GB (if hosting SQL DB, less if not); MSEE/MSDE/SQL Server Express or MS SQL Server

Device Types Controlled:

  • Floppies

  • CD-ROMs/DVDs/BDs

  • Any removable storage (flash drives, memory cards, PC cards, etc.)

  • Hard drives

  • Tape devices

  • WiFi adapters

  • Bluetooth adapters

  • Apple iPhone/iPod touch/iPad, BlackBerry, Windows Mobile and Palm OS

  • MTP-enabled devices (Android, Windows Phone, etc.)

  • Printers (local, network and virtual)

  • Terminal Services devices

Ports Secured:

  • USB

  • FireWire

  • Infrared

  • Serial and parallel

 

Network Communications Controlled:

  • Email/Web Mail: MAPI (Microsoft Exchange), SMTP/SMTPS, IBM Notes (formerly Lotus Notes), Gmail, Yahoo! Mail, Hotmail (Outlook.com), AOL Mail, Microsoft Outlook Web App (OWA, formerly Outlook Web Access), GMX.de, Web.de, Mail.ru, Rambler Mail, Yandex Mail

  • Social Networking: Facebook (+API), Twitter, Google+, LinkedIn, Tumblr, MySpace, Vkontakte (+API), XING.com, LiveJournal, MeinVZ.de, StudiVZ.de, Disqus, LiveInternet.ru, Odnoklassniki.ru

  • Instant Messengers: Skype, ICQ/AOL, Windows Live Messenger, Yahoo! Messenger, IRC, Jabber, WhatsApp Web, Mail.ru Agent

  • Cloud File Sharing Web Services: Google Drive, Dropbox, Box, OneDrive/SkyDrive, iCloud, Amazon S3, Yandex Disk, Cloud Mail.ru, GMX.de, Web.de, iFolder.ru (Rusfolder.com)

  • Internet Protocols: HTTP/HTTPS, FTP/FTPS, Telnet, Torrent

  • Other: SMB disk shares

Clipboard Control:

  • Inter-application clipboard copy/paste operations

  • Data types independently controlled: files, textual data, images, audio, unidentified data with text content filtering

  • Copy operations between host and guest OS clipboards

  • Screenshot operations (PrintScreen and 3rd-party applications)

 


Data Types Controlled:

  • More than 5,300 file types (recognized regardless of the file extension)

  • 120+ file formats including Microsoft Office, Adobe PDF, AutoCAD, OpenOffice, Lotus 1-2-3, WordPerfect, WordStar, Quattro Pro, Email repositories and archives, CSV, DBF, XML, Unicode, etc.

  • 40+ types of nested archives including GZIP, RAR, ZIP, etc.

  • Data synchronization protocol objects: Microsoft ActiveSync®, Palm® HotSync, iTunes®

  • Images containing text (embedded in MS Office, AutoCAD and PDF documents or as separate graphic files; 30+ graphic formats)

 


Content Filtering Technologies:

  • Industry-specific (HIPAA, etc.) keyword matching templates with 'whole word' and 'case' options, morphological analysis for words in English, French, Italian, German, Spanish/Catalan, Russian, Portuguese, Polish and support for Russian transliterated words

  • Pre-built Regular Expression (RegExp) pattern templates with numerical threshold conditions & Boolean (and/or/not/...) rule connectors (e.g., SSN, passport, other government-issued numbers, credit cards, banking industry numbers, etc.)

  • File and extended document properties (name, size, if password protected, if contains text, last modified date/time, title, subject, tags, categories, comments, authors, Oracle IRM, etc.)

  • Content-contingent shadowing of removable media, Plug-n-Play storage devices, printing, network protocols, PDA local synchronizations and clipboard operations for all parsed file formats and data types

  • Optical Character Recognition (OCR) for the following languages: Arabic, Bulgarian, Catalan, Chinese simplified, Chinese traditional, Croatian, Czech, Danish, Dutch, English, Estonian, Finnish, French, German, Hungarian, Indonesian, Italian, Japanese, Korean, Latvian, Lithuanian, Norwegian, Polish, Portuguese, Romanian, Russian, Slovak, Slovenian, Spanish, Swedish, and Turkish


Virtualized Environment Control:

  • DeviceLock DLP controls redirected removable drives, network shares, USB devices, printers, clipboard, and serial ports via desktop and session remoting protocols (RDP, ICA, PCoIP, HTML5/WebSockets) as well as network communications of Virtual Desktop & Terminal Session clients. Provides Virtual DLP for BYOD devices restricted to only accessing corporate applications/data in this way

  • Supported environments: MS RDP/RDS (including MS RemoteFX), Citrix XenApp, Citrix XenDesktop, Citrix XenServer, VMware View, Windows Virtual PC, and Oracle VM VirtualBox


Encryption Integration:

  • Windows BitLocker To Go

  • Apple OS X FileVault

  • PGP® Whole Disk Encryption

  • TrueCrypt®

  • Lexar® Media SAFE S1100 & S3000 Series

  • SafeDisk®

  • SecurStar® DriveCrypt® (DCPPE)

  • Sophos SafeGuard Easy


Content Discovery:

  • Windows endpoint computers (file systems, email repositories, mounted peripherals), network shares, storage systems

  • Local synchronization folders of cloud-based file hosting applications: Amazon Cloud Drive, Box, Cloud Mail.ru, Copy, Dropbox, Google Drive, iCloud, MediaFire, OneDrive, SpiderOak, SugarSync, Yandex.Disk

  • Modes: agentless, agent-based, mixed

  • Manual and scheduled automatic task execution

  • Actions: Delete, Safe Delete, Delete Container, Set Permissions (for NTFS files), Log, Alert, Notify User, Encrypt (using EFS for NTFS files)

  • Static & dynamic target list configuration, discovery reports, automatic on-demand Discovery Agent installation/removal


Full-Text Audit & Shadow Repository Searching:

  • All parsed file formats and data types

  • PCL, Postscript, and other printout formats

  • Indexing and search based on: log record parameters, word, phrase, number

  • Search logic: “all words” (AND), default “hit count” weighting, configurable term and field weighting

  • Stemming and noise-word filtering for English, French, German, Italian, Japanese, Russian, and Spanish

  • Synonym text search for English and Russian languages

  • Optical Character Recognition (OCR) allows the extraction of text from images for further indexing
