I just have some questions when consulting DLP solution to customer so what are the best answers for these questions
1. Why we have to use NDLP while HDLP can do almost NDLP task? (NDLP cost a lot money, time, and training process)
my answer: NDLP can help manage all the endpoint devices that HDLP cannot control (particularly for those dont have endpoint agent)
2. HDLP can discover sensitive data so why we use NDLP?
my ans: HDLP cannot discover sensitive data on some type such as database
3. DLP manager can control all the other DLP appliance on a single GUI. what else DLP manager can do?
4. DLP Monitor is a passive protect solution as it just monitors the traffic on the network (it cannot protect the network such as block, or quarantine the network), so why we have to use it?
my ans: Monitor can help administrator being proactive to capture the traffic identifying the future risk and tune rule (setup new policies) to stay ahead data risks
5. DLP endpoint can protect sensitive data being leak outside by many ways (web post, chatting, screen capture, web mail, email) so why we need DLP prevent?
Could you please give comments for these question/answer, some of them i dont know how to answer and are they good answers?
thanks and best regards,
Message was edited by: qtanit on 10/1/13 9:56:34 PM CDT
Message was edited by: qtanit on 10/1/13 10:00:21 PM CDT
Message was edited by: qtanit on 10/1/13 10:04:28 PM CDTMessage was edited by: qtanit on 10/1/13 10:44:07 PM CDT
from my experience kindly find below some info:
1-your answer is good, NDLP is used for non windows OS because the HDLP work only on windows OS
2-NDLP Discover will search in the entire network and not only where the agent is installed
3-NDLP manager can control HDLP also
4-with NDLP Monitor you can monitor all trafiic going through SMTP,HTTP,FTP,POP3...protocols so you can fine tune your HDLP policies and you can monitor what the non managed PCs are sending using these protocols.
5-NDLP prevent is integrated with Mail Server and proxy to stop leakage from non managed PCs.
I hope this may help.