Please give me advice on such question
How to configure nDLP monitor to capture Skype traffic?
Are you trying to capture the voice or message traffic?
Also, it's encrypted, so even if you capture it, you're not going to be able to understand it?
I'm trying capture at least event of Skype session. But if there are possibilities to get more information it would be great
You will only be able to detect the existence of skype, not any of the content whether voice, video, or text.
I do this by creating a rule called "Skype detect" and check the box for Skype under Protocol -> Chat Protocols.
Thanks for answer
please help me to understand what exact protocols and applications can we detect with DLP Monitor(i mean the full list)? And also on what detailization level might it be performed?
Because it seems like DLP monitor in standalone usage nothing like plain sniffer.
thanks in advance
The exact list depends on the version you're using, but you can find it from the "Protocols" tab in the config gui.
You are right - the NDLP Monitor box does not have any blocking capacity - it's a data collection and analysis product. If you want blocking, you need to buy NDLP Prevent.
Message was edited by: SafeBoot on 3/7/12 8:33:58 AM EST
The thing that's "special" about Skype is that it does end to end encryption within the client application. There's no way for NDLP or any other tool to decrypt and decode the contents.
It is a major concern within networks as only the user knows what content is being passed through the application.
To prevent data loss through Skype, your best bet is to block it.
Ciffus is right.With nDLP solution you can set a capture port and sniff your all incomming and outgoing traffic.DLP monitor is a active device and cant block anything it is used to monitor traffic and managed with DLP Manager. It Provides Insight of Captured Data (Data in Motion).Complete solution is Manager, Monitor, Prevent and discover appliance.