RSA Data Loss Prevention Endpoint
Discover, Educate, Enforce and Report

Datacenter:

Take the first step in proactively protecting your sensitive data

RSA® Data Loss Prevention (DLP) Datacenter discovers sensitive data and helps to enforce policies across file shares, databases, SAN/NAS storage, Microsoft SharePoint® sites and other data repositories to reduce the risk and business impact associated with data loss.

Your task is made easy with non-intrusive technologies such as temporary agents and RSA’s exclusive grid-based scanning technology. What this means for you is the lowest total cost of ownership among all leading DLP solutions

At a Glance

• Prioritize your security projects with the fastest and most accurate way to profile your risk across file shares, databases, storage systems (SAN/ NAS), Microsoft SharePoint® sites and other data repositories.
• Use grid scanning technology to transform your existing servers into a powerful cluster to scan terabytes of data in parallel with no additional hardware and little set-up time
• Reduce risk through a rich set of automated actions such as move, quarantine, change access control, and eDRM encryption
• Identify sensitive information in collaborative environments such as Microsoft SharePoint®, Documentum® and Lotus Notes®

Key Benefits

• Secure customer records and other sensitive data as required for compliance
• Protect critical business data such as intellectual property, product roadmaps, and company financial records
• Create a continuously updated risk map to help you identify gaps in your information security architecture
• Minimize impact to your administrative staff with the most intuitive and rich incident workflow and both automated and manual remediation options

Grid Scanning

Grid scanning is an RSA Data Loss Prevention’s exclusive technology which enables you to scan data at almost any speed you require. Whether you need to meet an audit deadline or monitor incremental changes to your datacenter on a regular basis, RSA’s grid scanning technology enables you to scan massive data repositories quickly and in parallel. Additional features include:

• Hot pluggable. Use simple GUI-based controls to dynamically add or remove grid workers without interruption
• Scalable. Add any number of servers anytime to scan over 100TB of data
• Resource sensitive. Can automatically throttle CPU or network bandwidth usage depending on your needs
• Minimize network traffic. Grid servers can be deployed near your data, in multiple locations
• Intelligent load balancing. No need to micromanage your scan servers whenever one finishes its task
• Low cost. There is no need to purchase additional dedicated servers. Use idle servers you already have.

Additional Features

• Scan numerous discovery targets. Scan targets include Windows®, AIX®, HP-UX® and Solaris® file shares, and Microsoft SharePoint®, Documentum® and other repositories.
• Native SharePoint® and Lotus Notes/Domino® scanning. There is no need to install an agent or extra software on the SharePoint or Domino server. Scanning is performed using standard, non-intrusive means. All configuration is accomplished centrally within the Enterprise Manager GUI.
• Bring the software to the data, not the other way around. Competitive solutions pull data back to central servers, saturating your network, or require you to install dedicated servers at remote locations. RSA Data Loss Prevention automatically deploys and manages software infrastructure to remote data centers, minimizing network traffic and administrative burden.

Endpoint:

Complete data loss prevention for sensitive information residing on laptops and desktops

RSA® Data Loss Prevention (DLP) Endpoint protects sensitive data on laptops and desktops. RSA DLP Endpoint comes in two modules: Discover and Enforce. The Discover module discovers sensitive information at rest through the analysis of content or files in the local hard drive. The Enforce module monitors actions such as print or copy on endpoints and offers a variety of remediation actions if a security policy is violated.

At a Glance

• Reduce risk by discovering and protecting sensitive data on laptops and desktops
• Minimize the time, costs and staff required to comply with regulations
• Monitor and control how end users interact with sensitive information in real-time as defined by policy
• Involve end users in remediation to build awareness of data security policies and reduce administrative costs

Benefits

• Protect sensitive data on and off the network with a completely self-sufficient agent that maintains full functionality and content analysis capabilities without constant connectivity to a management server
• Save time and streamline the incident handling process through a broad range of remediation options based on user, action and content type
• Increase visibility into endpoint policy violations by senders, recipients and content type
• Educate end users through an optional self-remediation option that provides real-time feedback on policy violations
• Ease deployment with a distributed architecture that enables hundreds of thousands of endpoint agents to be managed at remote locations with minimal latency and network congestion
• Increase security by applying file encryption, usage and permission controls to documents at rest on laptops and desktops with Microsoft Active Directory® RMS

Features

• 24/7 protection. Prevent sensitive data from leaking via the Internet, webmail, or instant messaging – even when employees are disconnected from the network
• Permanent and temporary agents. Temporary agents scan data, collect policy violations and self-uninstall to allow organizations to survey their risk landscape with minimal footprint. Permanent agents can be deployed based on the organization’s needs to provide maximum flexibility.
• Comprehensive actions. Monitor and/or prevent transfer of sensitive data to a broad range of targets such as local and network printers, USB devices and CD/DVDs
• White-listing. Authorize the use of specific devices for transfer of sensitive data. For example, permit copying only to a corporate-approved encrypted USB drive.
• Audit trail and incident management. Retain logs of end user actions, helping administrators to simplify the compliance process. Integration with the RSA enVision platform allows organizations to prioritize incidents based upon their level of severity and streamline auditing and reporting for compliance.

Supported Systems

RSA Data Loss Prevention Endpoint supports laptops or desktops with Windows 2000 SP4 or higher, including Windows 7. It also supports virtual desktop infrastructure, including VMware® View and Citrix® XenDesktop.

Network:

Data loss prevention for sensitive information in transit

RSA® Data Loss Prevention (DLP) Network identifies and enforces policies for sensitive data transmitted through corporate e-mail (SMTP), webmail, instant messaging, FTP, web- based tools (HTTP or HTTPS) or any generic TCP/IP protocols.

At a Glance

• Reduce the risk of sensitive data leaving the network perimeter via e-mail, web, instant messaging and telnet
• Audit, encrypt, quarantine or block unauthorized transmissions of compliance-driven information or intellectual property in real-time as defined by policy
• Involve end users in data security processes and remediation to build awareness and reduce administrative cost
• Maintain competitive advantage and brand value through comprehensive protection of corporate data

Benefits

• Reduce risk exposure dramatically and quickly via comprehensive support for numerous protocols
• Gain deep visibility into network policy violations by senders, recipients and content
• Flexible remediation options allow custom policy responses to varying levels of risk
• Enable global operations via scalable architecture and multi-lingual content analysis
• Unmatched breadth and depth of policy library and classification technologies result in high accuracy and ROI
• Proactively ensure that business practices and compliance requirements are followed
• Flexible deployment options result in lower operational costs
• Passive and in-line deployments support both passive monitoring of network traffic and active policy enforcement

Features

• Flexible notification. Optionally alert senders, their manager, administrator or a designated group when a policy is violated.
• Self remediation. Optionally empower end users to self-remediate DLP incidents and maintain an audit trail of justifications.
• Numerous automatic and manual remediation options. Audit, encrypt*, quarantine and block actions allow organizations to align policy responses based on varying levels of risk.
• Broad protocol coverage. Port-agnostic analysis for common protocols such as SMTP, IMAP, POP, HTTP/S, FTP, telnet, and IM.
• Sophisticated network statistics. Real-time feedback on system throughput, breakdown by protocols, capacity and trending – ideal for troubleshooting and support.

Documentation:

Download the RSA Data Loss Prevention (DLP) Datacenter Data Sheet (PDF).

Download the RSA Data Loss Prevention (DLP) Network Data Sheet (PDF).

Download the RSA Data Loss Prevention (DLP) Endpoint Datasheet (PDF).