Perfection Series: “Data Loss Prevention – Taking it to the Next Level with McAfee DLP Integration in Stopping Data Leakage” by Andy Thurai

Intel recently announced that by combining the strength of Intel® accelerated processing and McAfee® enterprise-level security we are taking our solutions to the next level and help our customers to extend their applications far beyond the traditional perimeters in a very secure manner.

I had a privilege of a preview to our integration between the Enterprise Service Gateway (ESG) and McAfee DLP (Data Loss Prevention) and it was amazing. I am so excited and wanted to share with you some of those features and what you can expect in coming releases.

McAfee DLP is a data leakage solution that safeguards business critical information by scanning the network for sensitive data and ensuring that it doesn’t leak outside the corporate network. It also offers pre-configured policies for HIPAA, PCI, etc.

ESG is a Swiss army knife, which can be used as a secure gateway, XML Firewall, application level gateway, identity mediator, Web Service proxy, edge security device, etc.

Obviously this applies only to data in motion and not for data at rest. What is more interesting is that it is policy driven and can be identity based or role based. Now, that is powerful.

The ESG is in the line of traffic and sends the messages to DLP to find out if any part of the message is considered sensitive. If the message is considered sensitive then it can be terminated. Keep in mind it could apply as a reverse proxy as well for the incoming messages if you want messages containing certain sensitive information to enter your enterprise for compliance, auditing reasons.

 

 

 As you can see, integrating with a DLP is as simple as dragging the DLP action item and dropping it in the palette.  Once you’ve done this, enter the host/port and any other relevant information and your workflow is DLP activated. Essentially this means all of your edge devices can be connected to one central place to scan for outgoing sensitive information to stop sensitive data leaks. Now imagine the power of that. All of your edge devices – whether it is Application Firewalls, Web Gateways, XML Firewalls – can all be connected to a central place, which can scan your outgoing (and incoming if necessary) messages for sensitive information based on corporate policies and compliance requirements.

The great thing is you can start building policies as needed. McAfee DLP has functionality is known as capture. Using McAfee capture technology you can not only look for data, but you can capture all the data that is going out.  The captured data helps you see real world patterns of data usage and possibly replay this history to adjust and refine your scans.  This provides the comfort and confidence that you are aware of planned and new threats as they evolve.

We integrated with McAfee DLP, not just to show off that we are part of a bigger security organization, but also because this is a top notch solution available in the market. As you can see in the picture below by Gartner and Forrester the analysts agree.

 

 

 

 

I hope you will be as excited as I am when you see this solution in action and see how easy it is to configure and use (and re-use).

If you need more information on this or on our solutions in general please check out www.intel.com/go/identity or reach out to me.

 

Andy Thurai — Chief Architect & CTO, Application Security and Identity Products, Intel

Andy Thurai is Chief Architect and CTO of Application Security and Identity Products with Intel, where he is responsible for architecting SOA, Cloud, Governance, Security, and Identity solutions for their major corporate customers. In his role, he is responsible for helping Intel/McAfee field sales, technical teams and customer executives. Prior to this role, he has held technology architecture leadership and executive positions with L-1 Identity Solutions, IBM (Datapower), BMC, CSC, and Nortel. His interests and expertise include Cloud, SOA, identity management, security, governance, and SaaS. He holds a degree in Electrical and Electronics engineering and has over 20+ years of IT experience.

He blogs regularly at www.thurai.net/securityblog on Security, SOA, Identity, Governance and Cloud topics. You can find him on LinkedIn at http://www.linkedin.com/in/andythurai.

Comments are closed.