Concerning DATA PROTECTION McAfee has many products. For example
* Mcafee Host Data Loss Prevention
* Mcafee Network Data Loss Prevention
So what DIFFEENCES are there between Mcafee Host DLP and Mcafee Network DLP?
One is a client based product, one is a multi-terrabtye appliance, both do much the same thing though - protect you from leakage of data.
The best place to start is the web site of course - http://mcafee.com/us/enterprise/products/data_protection/data_loss_prevention/data_loss_prevention.h...
Host DLP software solutions help protect against things that the Network DLP appliances can't see:
Protect against copyng to removable devices such as USB or burning data to a CD
Prevent printing of tagged data
Data sent via encrypted and https network protocols.
Host based solutions can also enforce policy while working offline (mobile users) and provide some cross-department protection.
Network DLP has components to protects data in motion, in rest and in use and has a unique way of indexing data and can be used to monitor and discover data easily across the network. It also provides protection for nodes where a host agent can't be installed (older system, locked down etc.).
It has been a few years since this question was posted.
Would everyone agree that the information provided here is still valid for the latest versions of "network" and "endpoint" DLP?
One component that I'm particularly interested in is the ability to scan and block webmail. Can both products do this effectively?
yes, but remember, endpoint products only affect the endpoints they are installed on - so if you have Mac's, iPads etc on your network, or you don't intend to install HDLP on EVERY endpoint, you perhaps need NDLP as well.
...so if you have Mac's, iPads etc on your network, or you don't intend to install HDLP on EVERY endpoint, you perhaps need NDLP as well.
Without going into too much detail, if we only had Network DLP, how would it detect that someone is sending inappropriate data (say, someone's SSN) out via a Hotmail email? Does all outbound Internet traffic go through the NDLP device?
NDLP will detect whatever you have rules written for. There are built-in policies that will look explicitly for the SSN data. As far as if all traffic goes through NDLP, that would depend on how your traffic flow is set up. If all clients are required to use a proxy that sends data to NDLP, then all traffic will be scanned. If you are only using Monitor, then A) Traffic can not be blocked, only observed and B) SSL traffic can not be scanned.
There is a version of DLPE for Mac now, starting with v9.3. Nothing for mobile devices though.