Blue Coat DLP: Data loss prevention product overview
Expert Bill Hayes takes a look at Blue Coat DLP, a single appliance data loss prevention system that works with the company's web security gateway products.
Web security vendor Blue Coat Systems is best known for its appliance-based web security products. As an expansion of its web-centric offerings, Blue Coat offers an integrated data loss prevention product called Blue Coat DLP. This data loss prevention product series includes features for protecting both data at rest and in transit as well as monitoring SSL traffic and fingerprinting data.
Data in motion
This single-appliance product works with an organization's Blue Coat Secure Web Gateway (ProxySG) appliances to provide data in motion DLP protection for SMTP email, webmail, FTP, HTTP/HTTPS web traffic and TCP traffic. For email, the appliance can be configured as an SMTP mail transfer agent.
Data at rest
In addition to functioning as a data in motion DLP monitor, the Blue Coat DLP appliance can also act as a data at rest DLP tool, scanning files on Windows and Linux file servers, WebDav and EMC Documentum repositories. It can also scan database servers such as Informix, Microsoft SQL, MySQL, Oracle, PostgreSQL, DB2 and Sybase. Additionally, an appliance dedicated for the task can scan cloud-based resources, including Box, Egnyte, ShareFile and other cloud services.
A client-based agent for Windows allows the Blue Coat DLP appliance to discover sensitive data in more than 500 file formats and in compressed archives for Windows hosts and portable media. The DLP product can scan files stored on end-user hard drives, attached and connected Bluetooth and Wi-Fi devices as well as mapped network drives.
Data in use
The client can also function as a data in use DLP tool, monitoring content based file transfers and performing device-based access control based on device type. Blue Coat DLP also has a discovery feature that allows organizations to fingerprint data and track its use.
Blue Coat DLP appliances are offered in the DLP700, DLP1700 and DLP2700 models. They can be deployed individually for small or remote offices or work together for high availability, high throughput environments. Deploying multiple appliances for data at rest discovery can be used to search for sensitive data in different geographical and for scanning very large file repositories. Blue Coat also says the DLP product series is designed for fast installation, which typically requires less than one day.
The Blue Coat DLP product series is offered in three appliance models and is targeted at a wide range of customers, from large enterprises to smaller and medium-sized businesses. The series offers a broad range of capabilities, from protecting data in motion to data fingerprinting. The DLP appliances are designed to complement the vendor's flagship web security gateway products as well as the overall Blue Coat Security Platform, which covers on-premises networks and the cloud. Blue Coat was recently acquired by Symantec, which has its own DLP offering. It's unclear how the acquisition may affect Blue Coat DLP, if at all.
Part one of this series looks at the basics of data loss prevention products
Part two examines the business case for DLP products
Part three explores usage scenarios for DLP products
Part four focuses on procuring DLP products
Part five offers insight on selecting the right DLP product
Part six compares the best DLP products on the market