cancel
Showing results for 
Search instead for 
Did you mean: 

How to configure nDLP monitor to capture Skype traffic

Jump to solution

Hi All

Please give me advice on such question

How to configure nDLP monitor to capture Skype traffic?

1 Solution

Accepted Solutions
Highlighted
ciffus
Level 9
Report Inappropriate Content
Message 4 of 9

Re: How to configure nDLP monitor to capture Skype traffic

Jump to solution

You will only be able to detect the existence of skype, not any of the content whether voice, video, or text.

I do this by creating a rule called "Skype detect" and check the box for Skype under Protocol -> Chat Protocols.

8 Replies

Re: How to configure nDLP monitor to capture Skype traffic

Jump to solution

Are you trying to capture the voice or message traffic?

Also, it's encrypted, so even if you capture it, you're not going to be able to understand it?

Re: How to configure nDLP monitor to capture Skype traffic

Jump to solution

Hi  SafeBoot

I'm trying capture at least event of Skype session. But if there are possibilities to get more information it would be great

Highlighted
ciffus
Level 9
Report Inappropriate Content
Message 4 of 9

Re: How to configure nDLP monitor to capture Skype traffic

Jump to solution

You will only be able to detect the existence of skype, not any of the content whether voice, video, or text.

I do this by creating a rule called "Skype detect" and check the box for Skype under Protocol -> Chat Protocols.

Re: How to configure nDLP monitor to capture Skype traffic

Jump to solution

Hi Ciffus

Thanks for answer

Re: How to configure nDLP monitor to capture Skype traffic

Jump to solution

Guys

please help me to understand what exact protocols and applications can we detect with DLP Monitor(i mean the full list)? And also on what detailization level might it be performed?

Because it seems like DLP monitor in standalone usage nothing like plain sniffer.

thanks in advance

Re: How to configure nDLP monitor to capture Skype traffic

Jump to solution

The exact list depends on the version you're using, but you can find it from the "Protocols" tab in the config gui.

http://www.mcafee.com/us/resources/data-sheets/ds-dlp-monitor.pdf will also help.

You are right - the NDLP Monitor box does not have any blocking capacity - it's a data collection and analysis product. If you want blocking, you need to buy NDLP Prevent.

Message was edited by: SafeBoot on 3/7/12 8:33:58 AM EST
ciffus
Level 9
Report Inappropriate Content
Message 8 of 9

Re: How to configure nDLP monitor to capture Skype traffic

Jump to solution

The thing that's "special" about Skype is that it does end to end encryption within the client application.  There's no way for  NDLP or any other tool to decrypt and decode the contents.

It is a major concern within networks as only the user knows what content is being passed through the application.

To prevent data loss through Skype, your best bet is to block it.

alexn
Level 14
Report Inappropriate Content
Message 9 of 9

Re: How to configure nDLP monitor to capture Skype traffic

Jump to solution

Ciffus is right.With nDLP solution you can set a capture port and sniff  your all incomming and outgoing traffic.DLP monitor is a active device and cant block anything it is used to monitor traffic  and managed with DLP Manager. It Provides Insight of Captured Data (Data in Motion).Complete solution is Manager, Monitor, Prevent and discover appliance.