monitorium dlp
DESCRIPTION
Data Loss Prevention system based on DPI network traffic analysisTRANSCRIPT
![Page 1: Monitorium DLP](https://reader033.vdocuments.net/reader033/viewer/2022042503/5457d7e3af79594e128b4998/html5/thumbnails/1.jpg)
Data Loss Prevention DLP System
Monitorium
![Page 2: Monitorium DLP](https://reader033.vdocuments.net/reader033/viewer/2022042503/5457d7e3af79594e128b4998/html5/thumbnails/2.jpg)
Monitorium
• Protects confidential information and documents from theft or accidental loss through internet transmission
• Monitors and analyzes content of outgoing IP traffic • Detects and blocks security violating traffic • Can limit corporate network users’ access to Internet
resources
• Different and complimentary to firewall and antivirus: – Protects “content”, not PC hardware or internal network – Protects against internal threats
![Page 3: Monitorium DLP](https://reader033.vdocuments.net/reader033/viewer/2022042503/5457d7e3af79594e128b4998/html5/thumbnails/3.jpg)
Network installation
![Page 4: Monitorium DLP](https://reader033.vdocuments.net/reader033/viewer/2022042503/5457d7e3af79594e128b4998/html5/thumbnails/4.jpg)
System characteristics
• Deep Packet Inspection (DPI) bases Level 7 network analysis system
• Supported protocols: HTTP, FTP, TELNET, SMTP/POP/IMAP • Applications:
– Webmail (Yandex, Mail.ru, Gmail, Rambler) – IM (ICQ, Jabber, gtalk, mail.ru agent)
• File formats: – txt, rtf, Microsoft Office (.doc, .xls, .docx, .xlsx), pdf, html,
XML, ps, zip, gz, 7z, rar, tar, bzip • Content analysis: linguistic, regular expressions, dictionaries,
fingerprints, keyword matching, window hashing, stat. analysis • Supported languages: Russian, English
![Page 5: Monitorium DLP](https://reader033.vdocuments.net/reader033/viewer/2022042503/5457d7e3af79594e128b4998/html5/thumbnails/5.jpg)
Analyzed information
• Message sender address: MAC / IP address • Message receiver address: IP address, hostname • Message headers:
– Page url (www address, domain/host name) – email address – ICQ user name
• Message content: – Search queries – Blog, forum, social network posts – Email texts – IM chat texts – Content of attached documents and archives
![Page 6: Monitorium DLP](https://reader033.vdocuments.net/reader033/viewer/2022042503/5457d7e3af79594e128b4998/html5/thumbnails/6.jpg)
Interface: Event monitor
![Page 7: Monitorium DLP](https://reader033.vdocuments.net/reader033/viewer/2022042503/5457d7e3af79594e128b4998/html5/thumbnails/7.jpg)
Security rules
![Page 8: Monitorium DLP](https://reader033.vdocuments.net/reader033/viewer/2022042503/5457d7e3af79594e128b4998/html5/thumbnails/8.jpg)
Reports and statistics
![Page 9: Monitorium DLP](https://reader033.vdocuments.net/reader033/viewer/2022042503/5457d7e3af79594e128b4998/html5/thumbnails/9.jpg)
Advantages of Trafica DLP system • Real time protection and alerts • Full content analysis • Multiple monitoring points • Easy network installation • Detailed reports engine • Full text incidents archive search • Designed to be used by non-technical staff
![Page 10: Monitorium DLP](https://reader033.vdocuments.net/reader033/viewer/2022042503/5457d7e3af79594e128b4998/html5/thumbnails/10.jpg)
Trafica LLC • Founded 2008 • Central office in Moscow • 15 people • Email: [email protected]