Blue Coat DLP: Data loss prevention product overview

Expert Bill Hayes takes a look at Blue Coat DLP, a single appliance data loss prevention system that works with the company's web security gateway products.

Web security vendor Blue Coat Systems is best known for its appliance-based web security products. As an expansion of its web-centric offerings, Blue Coat offers an integrated data loss prevention product called Blue Coat DLP. This data loss prevention product series includes features for protecting both data at rest and in transit as well as monitoring SSL traffic and fingerprinting data.

Data in motion

This single-appliance product works with an organization's Blue Coat Secure Web Gateway (ProxySG) appliances to provide data in motion DLP protection for SMTP email, webmail, FTP, HTTP/HTTPS web traffic and TCP traffic. For email, the appliance can be configured as an SMTP mail transfer agent.

Data at rest

In addition to functioning as a data in motion DLP monitor, the Blue Coat DLP appliance can also act as a data at rest DLP tool, scanning files on Windows and Linux file servers, WebDav and EMC Documentum repositories. It can also scan database servers such as Informix, Microsoft SQL, MySQL, Oracle, PostgreSQL, DB2 and Sybase. Additionally, an appliance dedicated for the task can scan cloud-based resources, including Box, Egnyte, ShareFile and other cloud services.

A client-based agent for Windows allows the Blue Coat DLP appliance to discover sensitive data in more than 500 file formats and in compressed archives for Windows hosts and portable media. The DLP product can scan files stored on end-user hard drives, attached and connected Bluetooth and Wi-Fi devices as well as mapped network drives.

Data in use

The client can also function as a data in use DLP tool, monitoring content based file transfers and performing device-based access control based on device type. Blue Coat DLP also has a discovery feature that allows organizations to fingerprint data and track its use.


Blue Coat DLP appliances are offered in the DLP700, DLP1700 and DLP2700 models. They can be deployed individually for small or remote offices or work together for high availability, high throughput environments. Deploying multiple appliances for data at rest discovery can be used to search for sensitive data in different geographical and for scanning very large file repositories. Blue Coat also says the DLP product series is designed for fast installation, which typically requires less than one day.

Product summary

Blue Coat DLP features
Blue Coat's DLP product series features support and protection.


The Blue Coat DLP product series is offered in three appliance models and is targeted at a wide range of customers, from large enterprises to smaller and medium-sized businesses. The series offers a broad range of capabilities, from protecting data in motion to data fingerprinting. The DLP appliances are designed to complement the vendor's flagship web security gateway products as well as the overall Blue Coat Security Platform, which covers on-premises networks and the cloud. Blue Coat was recently acquired by Symantec, which has its own DLP offering. It's unclear how the acquisition may affect Blue Coat DLP, if at all.

Next Steps

Part one of this series looks at the basics of data loss prevention products

Part two examines the business case for DLP products

Part three explores usage scenarios for DLP products

Part four focuses on procuring DLP products

Part five offers insight on selecting the right DLP product

Part six compares the best DLP products on the market

Dig Deeper on Data security and privacy

Enterprise Desktop
  • Understanding how GPOs and Intune interact

    Group Policy and Microsoft Intune are both mature device management technologies with enterprise use cases. IT should know how to...

  • Comparing MSI vs. MSIX

    While MSI was the preferred method for distributing enterprise applications for decades, the MSIX format promises to improve upon...

  • How to install MSIX and msixbundle

    IT admins should know that one of the simplest ways to deploy Windows applications across a fleet of managed desktops is with an ...

Cloud Computing