cancel
Showing results for 
Search instead for 
Did you mean: 
complexxl9
Level 7

General DLP questions

Jump to solution

Hi,

I would like to know about some of DLP features.

1) As I understand there is possibility to collect all emails with their contents and attachments and store them as evidence, is this possible only with outlook (and other email clients) or will this also work with webmail? (exchange or zimbra for example).

2) Can I store history of where users are browsing? Just a list of URL's per User.

3) Can I store files as evidence sent via instant messengers like Skype and store messengers chat history as evidence?

4) Am I not mistaking that DLP can store screenshots taken by users as evidence, can it also take periodic snapshots of users desktops?

5) Can all of the above evidences be stored on client computers or only on server? (for the purpose of saving network traffic).

Message was edited by: complexxl9 on 5/25/11 7:14:09 AM CDT
0 Kudos
1 Solution

Accepted Solutions
amiyabisoi
Level 9

Re: General DLP questions

Jump to solution

1) As I understand there is possibility to collect all emails with their contents and attachments and store them as evidence, is this possible only with outlook (and other email clients) or will this also work with webmail? (exchange or zimbra for example).

Yes - HDLP can store evidences for outlook, lotus (e-mail protection) and web mails like gmail, yahoo, OWA etc (web protection)

2) Can I store history of where users are browsing? Just a list of URL's per User.

No - You need a proxy or web/URL gateway - Check out McAfee Web Gateway. I think if you have McAfee Network DLP, that might help to some extent in storing web traffic

3) Can I store files as evidence sent via instant messengers like Skype and store messengers chat history as evidence?

Storing evidence - Yes, chat history - No. Again Network DLP or McAfee Web Gateway might be of help

4) Am I not mistaking that DLP can store screenshots taken by users as evidence, can it also take periodic snapshots of users desktops?

No. It doesn't do any type of backup or snapshot of the end-point.

5) Can all of the above evidences be stored on client computers or only on server? (for the purpose of saving network traffic).

Server or NAS or SAN. When the endpoint is offline, all the evidence get stored locally encrypted and those goes to evidence storage when machine goes online in network.

Let me know if you have any other questions/queries/concerns related to HDLP.

-AB

0 Kudos
6 Replies
geek
Level 10

Re: General DLP questions

Jump to solution

1) Only Outlook and Lotus Notes

2) I don`t know exactly but i think no

3) "Can I store files as evidence sent via instant messengers like Skype" -yes "store messengers chat history" -no

4) no

5) only on server (you can limit network bandwith from agent to server)

0 Kudos
amiyabisoi
Level 9

Re: General DLP questions

Jump to solution

1) As I understand there is possibility to collect all emails with their contents and attachments and store them as evidence, is this possible only with outlook (and other email clients) or will this also work with webmail? (exchange or zimbra for example).

Yes - HDLP can store evidences for outlook, lotus (e-mail protection) and web mails like gmail, yahoo, OWA etc (web protection)

2) Can I store history of where users are browsing? Just a list of URL's per User.

No - You need a proxy or web/URL gateway - Check out McAfee Web Gateway. I think if you have McAfee Network DLP, that might help to some extent in storing web traffic

3) Can I store files as evidence sent via instant messengers like Skype and store messengers chat history as evidence?

Storing evidence - Yes, chat history - No. Again Network DLP or McAfee Web Gateway might be of help

4) Am I not mistaking that DLP can store screenshots taken by users as evidence, can it also take periodic snapshots of users desktops?

No. It doesn't do any type of backup or snapshot of the end-point.

5) Can all of the above evidences be stored on client computers or only on server? (for the purpose of saving network traffic).

Server or NAS or SAN. When the endpoint is offline, all the evidence get stored locally encrypted and those goes to evidence storage when machine goes online in network.

Let me know if you have any other questions/queries/concerns related to HDLP.

-AB

0 Kudos
complexxl9
Level 7

Re: General DLP questions

Jump to solution

Thank you for answers, I have additional questions.

What are pricinciple differences between HDLP and Network DLP ? Can they work together or you have to pick one?

Are the above answers true for both DLP 3.0 and DLP 9.0 ? Do I need to purchase anything to upgrade from 3.0 to 9.0?

on 5/26/11 7:07:22 AM CDT
0 Kudos
rplolo
Level 7

Re: General DLP questions

Jump to solution

hi,

can I block/disallow file transfer through skype via DLP endpoint solution?

0 Kudos
aurelius
Level 7

Re: General DLP questions

Jump to solution

Remark for 1) and 3):

1) It works only in IE (web post rule). For other browsers - there is another rule "Application file protection rule" that is ineficient (capture file on its opening/attaching and actualy capture other files from folder opened in dialog box).

3) Everyone says about the impossibility capture encrypted messages, but how other DLP solutions do that (for example TrendMicro do that excelent)?    McAfee should take measures...

0 Kudos
vimalnavis
Level 13

Re: General DLP questions

Jump to solution

Unless the keys are available for decryption and/or the solution has analyzed the contents before encryption, no product can read encrypted files.

Defeats the purpose of encryption.

You can block/disallow file transfer through Skype using Network Communication Protection Rule.

This rule works with Tags only.

0 Kudos