Networking

01:00 PM
Connect Directly
RSS
E-Mail
50%
50%

CheckPoint Launches DLP, Emphasizes User Awareness

CheckPoint Software Technologies has jumped into the Data Loss Prevention (DLP) market with the release of CheckPoint DLP, a gateway product for inspecting outbound traffic to prevent information-sharing policy violations and maintain regulatory compliance. The product, which can sit inline to block communications or simply monitor traffic, examines SMTP, HTTP (including Web mail) and FTP traffic. MultiSpect, the product's data-classification engine, detects more than 600 file formats and includ

CheckPoint Software Technologies has jumped into the Data Loss Prevention (DLP) market with the release of CheckPoint DLP, a gateway product for inspecting outbound traffic to prevent information-sharing policy violations and maintain regulatory compliance. The product, which can sit inline to block communications or simply monitor traffic, examines SMTP, HTTP (including Web mail) and FTP traffic. MultiSpect, the product's data-classification engine, detects more than 600 file formats and includes more than 270 predefined content data types.

CheckPoint emphasizes the new product's user education and self-remediation component, UserCheck, as a prime capability. When a possible violation is detected, the gateway can be configured so that a user gets a customizable pop-up saying that their message has been quarantined. Users have the option of sending, discarding or reviewing the message.

While all DLP products have this type of capability, CheckPoint makes user involvement a focal point of its approach. The aim is to make users aware that someone is watching, and that they are violating policy by transmitting sensitive information to unauthorized recipients and/or over unauthorized channels. "It gives users an opportunity to think about how they are handling sensitive data, at the same time, it guides them towards keeping with corporate policy," says Tamir Hardoff, CheckPoint's group manager for Product Marketing.

"It's very beneficial for enterprises that want to use DLP as educational tool to help the user community understand policy and help them to become better data stewards," says Michael Suby, director of Stratecast, a division of Frost & Sullivan. "Some organizations may prefer to have centralized control, while others put greater emphasis on user engagement." Organizations can also have an administrator or manager review any suspect content, or block messages automatically. Companies have been slow to use blocking because they have to be convinced that DLP can block intelligently without a lot of false positives, and the need for administrators to fine-tune the rules for exceptions.

CheckPoint says it targets false positives as a prime issue with DLP deployments. False positives can slow business processes by frustrating users and putting added burdens on help desks. The vendor asserts that its MultiSpect detection engine is highly accurate, but that's to be expected. The proof will come in the customer's environment. "There is no standard way to measure accuracy, no industry standards," says Suby. "You are in many ways relying on reputation of the vendor."

CheckPoint DLP is available as a dedicated appliance or as a gateway software blade. CheckPoint's flexible Software Blade Architecture includes security blades for firewall, VPN, IPS, Web security, URL filtering, anti-virus/anti-malware and email, as well as advanced networking, acceleration and clustering and VoIP. CheckPoint is also developing DLP end-point capability.

While a number of competitors offer both gateway and client-based DLP, CheckPoint is unique among major security vendors in developing its DLP product internally, rather than through acquisition. The DLP market has seen extensive consolidations in the last three years. Last year CA bought Orchestria and Trustwave acquired Vericept. Earlier acquisitions include McAfee (Onigma and Reconnex), Symantec (Vontu), RSA Security/EMC (Tablus) Trend Micro (Provilla), Raytheon (Oakley Networks) and Websense (PortAuthority Technologies). Remaining independent vendors include Verdasys, Code Green, Fidelis Security Systems, Workshare, Palisades Data Systems and GTB Technologies Inc.

A lab test of six DLP products is available here.

Pricing for the software blade starts at $3,000 per year for up to 500 users to $15,000 per year for 1,500-plus users. There are two appliance models. The DLP-1 2571 is $14,990 for the first year, including service, and $7,000 per year for service  thereafter. The DLP-1 9571 costs $49,990 for the first year, including service, and $12,000 per year for service thereafter.

Comment  | 
Print  | 
More Insights
Cartoon
Slideshows
Audio Interviews
Archived Audio Interviews
Jeremy Schulman, founder of Schprockits, a network automation startup operating in stealth mode, joins us to explore whether networking professionals all need to learn programming in order to remain employed.
White Papers
Register for Network Computing Newsletters
Current Issue
2014 Private Cloud Survey
2014 Private Cloud Survey
Respondents are on a roll: 53% brought their private clouds from concept to production in less than one year, and 60% ­extend their clouds across multiple datacenters. But expertise is scarce, with 51% saying acquiring skilled employees is a roadblock.
Video
Twitter Feed