If you've got plans to implement DLP (Data Leakage Protection) into your organizations network, either for regulation or corporate compliance around confidential data protection, you're probably also looking at your secure web gateway (aka web proxy).
Why is that? Because most traffic that's likely to leave your organization today is going out over the web. Most DLP vendors prefer to not be directly inline in the network as a single point of failure, nor are their boxes or software designed to be inline as a network traffic device.
That's where the web proxy or secure web gateway comes in. The web gateway can decided when to send traffic to a DLP device over a standard protocol like ICAP and wait for a response from the DLP server before giving a response back to the end-user. Any major DLP vendor today will point you to a web proxy as the integration point for network based DLP.
The key here is to make sure your secure web gateway is capable of ICAP for integration, and generally capable of at least two ICAP server support (one for uploads and one for download scanning). The upload ICAP server is the one used for DLP, and the download one is used for malicious threat scanning (anti-malware).
Subscribe to:
Post Comments (Atom)
Posts
No comments:
Post a Comment