The McAfee Data Loss Prevention architecture has a classic layout and includes the following software and hardware:

• ePolicy Orchestrator 
• DLP Endpoint 
• DLP Prevent 
• DLP Monitor 
• DLP Discover 
• DLP Capture

McAfee DLP components

ePolicy Orchestrator provides a centralized management tool for McAfee solutions. In fact, this is the security administrator’s workplace, where security policies are created and distributed, and incident data is collected and processed. To solve problems of preventing data leaks, the McAfee DLP extension is used.

DLP Endpoint is a service installed on client machines. Implements control over various vectors: email, web traffic, clouds, instant messengers, printing applications, clipboard; allows you to scan the file system, including on alienated media.

DLP Prevent is designed to implement security policies that extend beyond the protected loop. Controlled services: email, instant messages, wikis, blogs, portals. When violations are detected, DLP Prevent allows you to take action such as encryption, blocking, redirection, quarantining, etc.

DLP Monitor organizes monitoring and investigations, but cannot block data.

Main functions:

• real-time traffic scanning and analysis;
• built-in support for FTP, HTTP, IMAP, IRC, LDAP, POP3, SMB, SMTP, Telnet protocols;
• the ability to accumulate data for the purpose of further statistical analysis;
• various mechanisms for classifying content types - hierarchical, signature, grammatical, statistical, based on “magic numbers”;
• ready-made rule templates - compliance, acceptable use policy, intellectual property, etc.;
• tools for creating complex reports.

DLP Discover is server software designed to run on Windows OS and can be centrally installed through ePO. The component is designed to detect critical data in documents of various formats. With its help, you can automatically analyze documents, extract and classify pieces of data.

Use cases for McAfee DLP

• Blocking unwanted content
• Preventing illegal copying of files containing proprietary information
• Prevent the transmission of email messages containing sensitive information
• Preventing leakage of corporate information from the organization's cloud storage
• Identifying the source of information leakage

McAfee DLP is a comprehensive product that covers most tasks related to data protection in an organization: searching for critical data in local and cloud files, analyzing network traffic, implementing security policies, and incident management. A special feature of the product is the possibility of flexible integration into the existing infrastructure - analytics tools can be located either on a separate hardware node or within existing virtualization tools.

Advantages:

• An integrated approach to problem solving.
• Products integrate with each other.
• Possibility of autonomous operation of agents for endpoints.
• Supports a large number of languages.
• Ability to search for critical data in the cloud.
• Possibility of integration into existing infrastructure both using hardware and using virtualization tools.
• Constant monitoring of compatibility with current versions of macOS and Windows.

Noventiq is the only McAfee Gold partner in Azerbaijan. McAfee Gold Partner status allows Noventiq in Azerbaijan to receive additional benefits and even more favorable pricing conditions when purchasing McAfee solutions.

Ready to order McAfee solutions or want a consultation? Write to us: azerbaijan@noventiq.com