cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Highlighted

Email protection - DLP Prevent vs DLP Endpoint

Dear Community,

 

Hope you can clarfy my confusion.

When it comes to email protection what is the difference or advantage of DLP Prevent over DLP endpoint.

I can create email protection rules using DLP endpoint. Why would I use DLP prevent appliances ?

I can only think of one scenario when DLP agent is not installed on the endpoint . Then DLP Prevent make sense as does not relay on the agent. Is there anything apart of that adventage?

 

4 Replies
Highlighted

Re: Email protection - DLP Prevent vs DLP Endpoint

If you want to extend DLP to corporate email on a mobile device or want to monitor for webmail such as in O365 Outlook, OWA, etc, I don't believe the DLP Endpoint can be effective with those vectors, perhaps someone with more knowledge can correct me if I'm wrong. 

Highlighted

Re: Email protection - DLP Prevent vs DLP Endpoint

Hello,

You can monitor OWA and similar applications via DLP Endpoint - Web Protection Rule cover this webmail vector.

I did several use case with DLP Prevent for Example.

1) Combination McAfee Web Gateway (Reverse Proxy) and DLP Prevent -> scanning data, which users want to copying out of company. (If you have internal Sharepoint on public ip etc.)

2) DLP Prevent and Microsoft Exchange Active Sync -> If you want monitor mail traffic from cell phones etc.

3) DLP Prevent and Skype for Bussiness -> Skype is really complicated application and you can monitor traffic just using DLP Prevent.

 

 

Best regards,

Pavel

 

Highlighted

Re: Email protection - DLP Prevent vs DLP Endpoint

Hi, 

 

We are trying to block OWA (copy/paste ) using DLP Endpoint Web Rule but is does not work. Only if you upload a file containing the criteria we set. Same rule works for gmail and outlook.live. Does it need any special configuration for OWA? 

 

Highlighted
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 5 of 5

Re: Email protection - DLP Prevent vs DLP Endpoint

Hi @PetrosT ,

Thank you for writing in here.

https://docs.mcafee.com/bundle/data-loss-prevention-endpoint-11.0.500-release-notes/page/GUID-6A01FB...

DLPE 11.0.500 and above web post rule blocks the file uploads to OWA. 

For copy and paste operations you would need to use Clipboard protection rules.

To provide better help we advise you to paste possible screenshots of your rules and the copy paste destination in OWA where it is not working and gmail where it is working.

And also provide us the version of DLP you are using and the OS version and EPO version.

 

Thank you.

Regards,
Jithendran S
McAfee Employee
You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community