. : Perimeter Security Solutions – Content Filtering
Vericept is the only outbound content control solution that enables corporations and organizations to gain complete 360° visibility into all insider risk whether inadvertent or malicious and control violations before they occur. A unique suite of analysis detection capabilities identifies, classifies, correlates, captures and stops information leakage. With 360º visibility and control across the entire network, Vericept provides maximum protection against state and Federal compliance violations, customer data loss, intellectual property theft, insider hacker activity, fraudulent employee lawsuits, inappropriate Internet usage and corporate espionage.
Vericept helps you to gain immediate visibility into:
- Unauthorized access of confidential customer information
- The leaking of sensitive documents
- Unencrypted transmission of PHI or cardholder information
- The posting of financial reports and source code
- Insider hacker planning and activity
- Internet misuse causing legal exposure
- Damaging blogs by the trusted insider
- Resignation and intellectual property theft
Network, Desktop and Email Control
Complete security begins with a comprehensive platform. The Vericept 360º Risk Management Platform provides total content control throughout the entire enterprise from the desktop to the network perimeter. Identify and prevent confidential information loss, control enterprise risk throughout the network, identify security gaps, receive alerts of impending malicious internal activity and keylogger activity, and recognize compliance policies and procedures requiring additional training.
360° Visibility and Control
For maximum protection against confidential information loss and other legal exposure, Vericept uses over 70 time-tested Risk Categories and a suite of content detection methodologies to identify violations that can cause reputation, financial and legal risk. Unlike other data loss prevention products, Vericept allows corporations to control this information leakage without impeding the flow of business with automatic encryption and Self-Compliance functionality. Automatic encryption identifies email transmissions of unencrypted customer, employee or patient data, automatically encrypts and sends without any user interaction. Vericept's unique Self-Compliance functionality identifies a policy violation, alerts the sender and allows the sender to decide whether or not to continue with this communication. In addition to automatic encryption and Self-Compliance, Vericept also provides blocking and quarantine capability to instantly stop damaging information loss.
The Vericept 360° Risk Management Platform
Vericept Concept 360º
Based on the patent-pending Intelligent Content Control Engine™, Vericept's Content 360º Solution analyzes all Internet-based communication and attachments including email, the Internet, IM, P2P file sharing, chat rooms, blogs, Web postings, FTP and Telnet for violations of a company's corporate governance, compliance and acceptable use policies. Utilizing a suite of content detection technologies and over 70 pre-defined Risk Categories, Content 360º helps to instantly identify, capture, correlate and control the insider threat to protect an organization from compliance, productivity, reputation and legal risk.
Vericept Control 360°
Automatic encryption, block, quarantine or Self-Compliance capability for email communication and attachments violating corporate and compliance policies. Based on the Vericept Risk Categories, custom categories or CANDL (Content Analysis Description Language) categories, email policies can easily be set to control how information flows outside of the organization. Self-Compliance and user alerts can also train users on corporate policy. Self-Compliance sends the communication back and allows the sender to decide whether or not to continue sending. User alerts inform the sender of the policy violation and the action of encryption, block or quarantine that was taken.
Vericept Discovery 360°
Investigate data-at-rest to discover additional violations residing in stored data on desktops, laptops and file servers. Based on the Intelligent Content Control Engine, Discovery 360° analyzes data-at-rest utilizing the Vericept Risk Categories to identify and capture violations of the corporate and compliance policy, and provide additional “proof-positive” evidence.
Vericept Desktop 360°
Vericept Desktop 360° controls information leakage on desktops and endpoints. Discover where confidential documents reside on laptops, desktops and servers to determine all insider risk and infractions associated with confidential data loss, compliance and acceptable use violations. Restrict print, save, copy, access, movement and download of sensitive data to removable media or other drives whether connected or disconnected to the network. Send user alerts or self-compliance messages to train on company policy and control content without impeding the flow of business . Monitor laptop inactivity to preempt possible violations of lost or stolen data.
Monitors All TCP Traffic
Protects Content on the Network, Desktop and via Email
Stops damaging information leakage
Over 70 Categories Out-of-the-Box
Easy Custom Category Creation
Highlighting, Risk Dashboards and Reporting
Advanced Search Capability
Investigation Management and Forensic Analysis Tools
Flexible Policy and Data Management
Centralized System Management
Email Self-Compliance, Block, and Quarantine
Desktop Content Discovery and Control
For more information:
Resource documents: http://www.vericept.com/resources/resources.asp
Industry and government regulations dictate that companies exercise close control over many types of electronic data, and organizations are looking for ways to maintain the integrity of their corporate information. Although content filtering technologies have been available for quite some time, they have been increasingly difficult to manage in terms of time associated with creating dictionaries, assigning thresholds and other activities related to the analysis of described content.
CipherTrust’s Compliance Profiler analyzes multiple file types, including images, uses artificial intelligence technologies and reduces the administration time associated with simple content filtering technologies by:
- Automatically “learning” which data is sensitive and eliminating the need to build manual dictionaries.
- Applying simple high-level rules defined for classes of content rather than complicated individual threshold rules.
- Enforcing role-based administration with compliance review interface and workflow capabilities.
- Analyzing many document formats, including 85 different image types and more than 200 file types.
- Supporting multiple languages, including French, German, Korean, Japanese, Portuguese, Simplified Chinese and Traditional Chinese, for customized dictionaries and content analysis, translated versions of all reports, rule and policy input in any supported language, and more.
Policy Definition - CipherTrust suite of gateway security products ships with pre-loaded policy creation tools to simplify the process, including lexicon-specific dictionaries for all major legislation and default policies based on industry-specific best practice.
Violation Detection - Once policies are defined, it's time to ensure that you can detect any and all violations of these policies. The text contained within an e-mail message must be thoroughly scanned in order to identify terms that could constitute a violation of the law. Dynamic dictionaries of regulation-specific terms must be maintained and common formats such as Social Security and credit card numbers must be identified before the message leaves the e-mail gateway.
File attachments present an additional risk, as they can contain libraries of information that must also be handled in accordance with federal guidelines. To neutralize the threat of file attachments, file attachments must be verified based on their encoding, not just their extension. Archives such as .zip files must also be thoroughly scanned in order to evaluate everything contained in the archive. CipherTrust Compliance Profiler searches all outbound message traffic for violations of corporate or federal regulatory policy, including Fingerprinting, Adaptive Lexical Analysis, Clustering, and Advanced Content Filtering.
For more information:
Document resources: http://www.ironmail.com/resources/index.php
The IronPort Compliance Filters™ use a unique multi-category pattern-matching algorithm to significantly reduce false positives. For example, HIPAA does not require a message to be blocked simply because it contains a medical condition or drug code. However, if the message correlates this medical information to a particular individual, then there is enough evidence to block this message or take some other remedial action. In addition to accurately identifying confidential information, the lightweight IronPort Compliance Filters scan emails very quickly, ensuring that there is no delay in email communications. The same IronPort appliance that handles outgoing email delivery can perform all email filtering operations.
IronPort's email security appliances integrate these critical features to offer customers a turnkey solution for email compliance:
- Comprehensive Policy Management - Manage all content security policies using a single GUI dashboard.
- Workflow Integration - Easily implement remediation policies with customizable notifications and role-based access for compliance quarantines.
- Centralized Reporting and Logging - Generate reports for unprecedented mail flow visibility. Instantly track messages for compliance audits.
- Email Encryption - High-performance TLS encryption for business partner communication. Integration with best-of-breed vendors like PostX for flexible deployment options.
Content scanning and filtering for email policy enforcement
Content scanning enables organizations to effectively monitor messages for sensitive information. The IronPort content scanning engine contains pre-defined content filters for HIPAA, GLB, and other regulations. The engine automatically scans email for protected financial and health information and its easily extensible lexicons allow administrators to customize these rules to meet specific requirements. IronPort's content scanning engine filters messages based on message or attachment content, subject, sender, recipient, message headers, or message body.
To ensure messages are properly preserved, indexed, and accessible, archiving is a critical component of the vast majority of compliance programs. Through the use of open standards, and partnerships with leading vendors such as Veritas, IronPort helps users ensure email records are secured and stored properly.
Enterprise management tools including monitoring and reporting
To support policy management and audibility, IronPort Mail Flow Monitor™ and Mail Flow Central™ provide complete real-time visibility into email traffic. Detailed logs and reports identify messages that trigger specific policy rules and track the actions taken on these messages. Additionally, this information is maintained under change control, which provides the kind of audibility called for in email related regulations.
For more information:
Resource documents: http://www.ironport.com/resources/
Content Inspection Director (CID) is a managed service delivery platform for carriers
enabling centralized and optimized IP value added service deployment. With CID, carriers can extend high-performance security and media services to customers worldwide, customizing delivery, guaranteeing SLA’s and increasing revenues.
Radware`s CID provides Carriers with a unified, high-availability, maximum performance switch-based architecture to centrally manage content inspection, content filtering and media delivery services for customers.
CID granular traffic classification and flow management enable the simple customization of value added services, allowing carriers to configure, tailor and deploy service packages according to customer requirements. Combining load balancing, bandwidth management and advanced traffic management CID accelerates IP application delivery, guaranteeing service levels for the best end user experience.
Optimizing resource utilization across all IP application resources, CID enables high-scalability, for seamless growth in new users and applications, thus reducing server build-out operating costs by up to 40%.
In a business where assurance is everything, Radware`s CID allows carriers to deliver value added services with complete confidence.
Multi-Gigabit Anti-Virus and URL Filtering
Maximum throughput ASIC-based application switching for accelerated content inspection and URL filtering and the highest performance of all anti-virus gateways
Pre-screening, bypassing and service acceleration
Traffic bypassing and direction of relevant traffic only to anti-virus services accelerates content scanning by 500% eliminating the security - performance tradeoff. Advanced caching, TCP session handling, image compression and bandwidth management further accelerate inspection, for the best end user experience
Content Inspection Service Scaling
Optimized content inspection across all tools and security resources maximizes utilization for seamless scaling of content filtering capacities while cutting the cost of adding new content security server deployment by up to 40%
Combined Best of Breed Content Inspection Support
Transparent deployment of any best-of-breed content filtering for complete vendor freedom and seamless build out, with no integration overhead
Guaranteed Content Delivery Service Levels
Complete control over bandwidth allocation and traffic prioritization, to guarantee performance levels by applications and users while controlling content security resource consumption to cut content security operating costs
For more information:
Radware CID brochure: http://www.radware.com/content/document.asp?_v=about&document=2973
Radware CI FAQs: http://www.radware.com/content/products/library/faq_cid.pdf
To know more about any of Secure Datacom’s Security Solutions, contact your SDI salesperson or email us.