Professional Documents
Culture Documents
Data Loss Prevention Family en
Data Loss Prevention Family en
CLOUD FILE
APPS SERVERS
DATABASES
O365
EXCHANGE EXCHANGE
A Simple Way to Get the Coverage • Symantec DLP Endpoint Discover scans local hard
drives and gives you deep visibility into sensitive files
You Need that users are storing on their laptops and desktops.
Symantec DLP is available in two solution sets: DLP It provides a wide range of responses including
Core and DLP Cloud. Together they provide world- local and remote file quarantining, policy-based
class information security protection across endpoints, encryption, and digital rights management enabled
network, cloud, and storage. DLP Core includes by the DLP Endpoint FlexResponse API.
protection for endpoints, network, and storage
• Symantec DLP Endpoint Prevent monitors users’
locations while offering Sensitive Image Recognition
activities and gives you fine-grained control over a
and Information Centric Analytics (User Entity Behavior
wide range of applications, devices, and platforms.
Analytics). DLP Cloud allows DLP policies to be
It provides a wide range of responses including
extended to cloud environments by providing full CASB
identity-based encryption and digital rights for files
controls alongside DLP cloud connectors for Web and
transferred to USB. With Endpoint Prevent, you can
Email Gateways.
alert users to incidents using on-screen popups or
email notifications. Users can also override policies
Keep Data Safe While in Use on by providing a business justification or canceling the
Endpoints action (in the case of a false positive).
DLP Network Monitor captures and analyzes outbound First, Symantec DLP Network Discover finds
traffic on your corporate network, and detects sensitive confidential data by scanning network file shares,
content and metadata over standard, non-standard, databases, and other enterprise data repositories. This
and proprietary protocols. It is deployed at network includes local file systems on Windows, Linux, AIX,
egress points and integrates with your network tap and Solaris servers; Lotus Notes and SQL databases;
or Switched Port Analyzer (SPAN). Network Monitor and Microsoft Exchange and SharePoint servers. DLP
performs deep content inspection of all network Network Discover recognizes more than 330 different
communications with zero packet loss, unlike other file types—including custom file types—based on
solutions that sample packets during peak loads and the binary signature of the file. It also provides high-
put you at high risk for false negatives. speed scanning for large, distributed environments
and it optimizes performance by scanning only new or
DLP Network Prevent for Email protects sensitive
modified files.
messages from being leaked or stolen by employees,
contractors, and partners. It monitors and analyzes Next, Symantec DLP Network Protect adds robust file
all corporate email traffic, and optionally modifies, protection capabilities on top of Network Discover.
redirects, or blocks messages based on sensitive Network Protect automatically cleans up and secures
content or other message attributes. Network Prevent all of the exposed files Network Discover detects,
for Email is deployed at network egress points and and it offers a broad range of remediation options,
integrates with mail transfer agents (MTAs) and cloud- including quarantining or moving files, copying files to
based email including Microsoft Office 365 Exchange. a quarantine area, or applying policy identity-based
Network Prevent for Email is available as software or a encryption and digital rights to specific files. Network
virtual appliance. Protect even educates business users about policy
violations by leaving a marker text file in the file’s
DLP Network Prevent for Web protects sensitive data
original location to explain why it was quarantined.
from being leaked to the web. It monitors and analyzes
all corporate web traffic and optionally removes Symantec DLP also includes a FlexResponse
sensitive HTML content or blocks requests. Network API Platform that allows you to build custom file
Prevent for Web is deployed at network egress remediation actions. FlexResponse provides easy
points and integrates with your HTTP, HTTPS, or FTP turnkey integration with other Symantec and third-
proxy server using ICAP. Network Prevent for Web is party file security solutions—including Symantec File
available as software, a hardware appliance, or a virtual Share Encryption and Adobe LiveCycle.
appliance.
Protect Data in the Cloud (cont.) • Take advantage of more than 70 pre-built policy
templates and a convenient policy builder to get your
Symantec DLP Cloud Detection Service inspects system up and running quickly.
content extracted from cloud apps and web traffic
and automatically enforces sensitive data policies. • Leverage robust workflow and remediation
It offers enhanced cloud-to-cloud integration with capabilities to streamline and automate incident
Symantec CloudSOC, our industry leading cloud access response processes for high-traffic environments.
security broker solution, to protect data in motion and • Apply business intelligence to your risk reduction
data at rest across more than 100 in sanctioned and efforts with a sophisticated analytics tool—Symantec
unsanctioned cloud apps such as Office 365, G-Suite, IT Analytics for DLP—which provides advanced
Box, Dropbox, and Salesforce. The integration enables reporting and ad-hoc analysis capabilities.
extension to existing policies and robust detection to
cloud applications—managing all incidents from the Get Unmatched Visibility into
DLP console. Controls include un-share sensitive files,
quarantine, block them from leaving the application,
Confidential Data
and also apply identity-based encryption and digital At the core of any DLP solution is content-aware
rights automatically to specific files shared with third detection. Content-aware detection techniques make
parties. Symantec DLP Cloud Detection also offers it possible to find sensitive data stored in virtually
enhanced integration with Symantec Web Security any location and file format. Symantec DLP offers
Service to monitor web traffic—even when it’s the most comprehensive detection with advanced
encrypted—and protect roaming and mobile users. machine learning, image recognition, fingerprinting, and
describing technologies that accurately classify data
Symantec DLP Cloud includes support for email, so you don’t have to worry about false positives and
allowing accurate, real-time monitoring of corporate impacting business users.
email traffic by leveraging built-in intelligence and
advanced detection capabilities that minimize false
positives. It also provides real-time protection against Described Exact Indexed
Machine
Sensitive
Content Data Document Image
data leaks with automated messaging blocking, Matching Matching Matching
Learning
Recognition
or message modification to enforce downstream Described Data Structured Data Unstructured Data Unstructured Text Images
• Sensitive Image Recognition (provided with DLP • Prevent data from going to unwanted sites: Ensure
Core) detects text embedded in images such as sensitive data doesn’t get leaked over untrusted web
scanned forms, documents, screenshots, pictures and traffic, even encrypted traffic, by leveraging DLP
PDFs by leveraging our proprietary Form Recognition integration with Symantec Secure Web Gateways:
technology and built-in Optical Character Symantec ProxySG and Web Security Service.
Recognition (OCR) engine. • Integrated with Microsoft Information Protection
• Vector Machine Learning protects intellectual (MIP): Symantec DLP is integrated with the broad
property with nuanced characteristics that are rare classification and encryption capabilities provided
or difficult to describe such as financial reports and by MIP. This solution gives customers the ability to
source code. Unlike other detection technologies, detect and read documents and emails protected
Vector Machine Learning does not require you to using MIP.
locate, describe, or fingerprint the data you need to
protect. System Requirements
Symantec DLP also offers a rich set of out-of-the- The Symantec DLP solution comprises a single unified
box and add-on APIs to allow you to customize and management platform, lightweight endpoint agent,
integrate with a wide range of third-party security and powerful content-aware detection products. We
products, cloud, and proprietary applications: DLP offer the most deployment flexibility with a wide range
REST API, DLP FlexResponse API, DLP Content of options for any type of environment: on-premises
Extraction API, DLP Incident Reporting and Update software; virtual and physical appliances; public, private,
API, and DLP API Detection Virtual Appliance. and hybrid cloud services; and managed services
delivered by Symantec Partners. Unlike other solutions,
Extend Data Protection Beyond DLP Symantec DLP is proven to work in highly distributed
environments and scale up to hundreds of thousands of
As sensitive data is shared with external users or users.
travels to the cloud and goes outside of your managed
environment, it becomes vulnerable to unwanted For complete system requirements of Symantec Data
exposure. Our solution provides comprehensive Loss Prevention visit our support page.
protection for your data throughout its lifecycle beyond
your managed premises, with policy driven cloud
Start Protecting Your Information Today
access security, classification, encryption, user analytics,
and web gateways. Symantec is ready to help you extend your security
and compliance polices beyond the borders of your
• Extend DLP policies to cloud applications: Extend
firewall, so you can discover, monitor, and protect
DLP detection, policies, and workflows to cloud
your information more completely and effectively. It
apps through integration with Symantec CloudSOC
offers you the lowest total cost of ownership—with
(CASB), and manage incidents on a single console.
proven deployment methodologies, intuitive policy
• Simplify incident triage and policy management: and incident management tools, and comprehensive
Reduce time and efforts for incident remediation coverage across all of your high-risk channels.
and policy management, and mitigate data risk with
Symantec Information Centric Analytics (ICA), a User Discover the advantages of a comprehensive
and Entity Behavior Analytics provided with DLP information protection solution that’s built for today’s
Core. mobile, cloud-centered world—Learn more about
Symantec Data Loss Prevention.
• Share data more securely with others: Prevent
unauthorized access to sensitive data via strong
authentication when data is shared with business
partners with Symantec VIP Identity and Access
Management.