Endpoint Data Loss Prevention Validation

Validate the performance and accuracy of endpoint data loss prevention solutions

 

Data Loss Prevention (DLP) goes by many names; Data Leak Prevention, Information Leak Detection and Prevention (ILDP), Information Leak Prevention (ILP), Content Monitoring and Filtering (CMF), Information Protection and Control (IPC) and even Extrusion Prevention Systems. Whatever the name, the goal of DLP products is to monitor and prevent data leaks or data loss to:

  • Meet government regulations
  • Prevent the loss of sensitive data

Enterprises, specifically those in financial services, insurance, retail and healthcare, must comply with government regulations. These range from HIPAA in health and benefits, GLBA and Basel_II in finance, and Payment Card Industry DSS standards. In most cases these regulations demand that the companies undergo a regular information technology audit (IT audit) and if it is found that the organization is not protecting against data leaks they may face penalties.

Each week, a new company reports that data has been lost, leaked or stolen. This ranges from sensitive customer data such as credit card numbers to critical intellectual property. This can mean fines for violating government regulations, direct loss of revenue and irreparable damage to an organization's reputation.

Endpoint data loss prevention and deep packet inspection (DPI)

DLP solutions work by having the ability to recognize confidential or sensitive information, and flag this data before it leaves a company's network. Deep packet inspection (DPI) capabilities enable DLP solutions to inspect for targeted keywords, names, dictionaries and even regular expressions for partial document matching. The greater the accuracy of the DLP system, the more protected an organization is from losing sensitive data. Additionally, because of the reliance on DPI, a DLP system may have an effect on the latency of a network, potentially causing performance issues.

Validating endpoint data loss prevention with BreakingPoint Storm CTM™

Organizations deploying data loss prevention systems must be able to validate the accuracy of the solution and confirm that it will not create unacceptable latency issues on their network. BreakingPoint Storm CTM is an ideal solution for validating the accuracy and performance of DLP solutions before deployment in the network and throughout the life cycle as the cyber infrastructure and requirements for DLP evolve.

Verify endpoint data loss prevention accuracy

A DLP solution must monitor a variety of applications, most notably email, web, FTP, P2P, VoIP and others. Additionally the solution must inspect the actual content of the applications including file type, file attributes and deeper meta-data such as language, attachments, keywords and more. The BreakingPoint Storm CTM provides more than 100 application protocols to ensure the DLP solution can handle each, but also allows for embedded data or "needle in a haystack" validation. Users can embed text or file attachments within any application protocol and validate that the DLP solution identifies the data.

Assess endpoint data loss prevention performance

DLP solutions are vital to many organizations, but they can adversely effect the performance of your network. Since DLP solutions are often deployed in-line they must perform accurately without introducing latency. The BreakingPoint Storm CTM is a high-performance engine with the ability to generate application traffic at line speeds of tens of gigabits per second. Simulating realistic traffic at these speeds will not only validate that the DLP solution works properly, but will also identify performance issues that may arise when it is deployed.

The BreakingPoint Storm CTM is the only solution that organizations can rely on to validate DLP solutions during pre-deployment assessment and throughout the system life cycle to ensure it continues to work as promised within today's changing landscape.

Create PDF Printer Friendly Bookmark and Share