|
|
|
13 Apr 2010
Comments:1
Check Point claims its leap into the data leak prevention (DLP) space will create lucrative upsell opportunities for its channel.
Unveiled today, the new network-based solution combines a classification engine that inspects traffic flow for all data in motion with a “human factor” in the form of the security vendor's UserCheck technology.
Starting at $3,000 (£1,945), Check Point said the launch would lower the barrier of entry into DLP, which has so far failed to take off as some predicted.
Further reading
Talking to CRN, Amnon Bar-Lev, vice president of global field operations at Check Point, said the launch represents a perfect opportunity for partners to target the vendor’s 150,000-strong install base.
Bar-Lev said resellers would bag an extra $70,000 from a typical customer with 10 gateways if they persuaded them to plug the DLP offering into their infrastructure, alongside its recently launched IPS software blade and SmartWorkflow and SmartEvent blades.
“This is an opportunity for partners to grow with Check Point,” he said. “It is a very basic upsell to the existing install base.”
According to some UK channel sources, after a stuttering start, the DLP market will boom 16-fold over the next few years and could be worth $4.5bn by 2014.
Bar-Lev poured scorn on the previous wave of DLP solutions, branding them complicated, expensive and difficult to manage.
“The reason the market didn’t grow is the solutions out there didn’t solve the problem,” he said.
Related articles
In this video find out about the fast-growing Chinese vendor's plans for market domination and how the channel is its route of choice
Find out what gifts Acer has in store for partners for 2012 in this exclusive roundup of its recent conference
CRN's premier networking event is back on 17 May at the Ricoh Arena
Date: Thu 17 May 2012
Channel fighters preparing to square up once more on 24 May
Date: Thu 24 May 2012
The proliferation of endpoint devices within the enterprise has highlighted the shortcomings of one of the traditional approaches to data security
This Forrester report compares the costs and benefits of legacy email and productivity software with Google Apps
Dave discovers that rozzers are seemingly living in the technology dark ages
Mark Needham, founder of distributor Widget, argues that John Browett leaves for Apple with Dixons in better shape than when he arrived
|
|
|
Do you agree?
5 Essential Ingredients of any DLP solution:
1. Comprehensive channels coverage.
It is impossible to predict which outbound channel the next data leak will occur. Some expected avenues are: corporate email, private email, webmail, blog, instant messenger, P2P application, internal web or FTP server etc. Therefore, the DLP system must cover ALL the relevant channels.
The majority of ?DLP? systems do not even try to cover all network channels. Typically, they cover SMTP, FTP, HTTP (client side), sometimes HTTPS and instant messaging. This coverage is further handicapped. For example, scanning SMTP, these systems require integration with the corporate email server and inspect only emails sent through it. Emails sent through an external ISP are overlooked. Emails accessed from outside the perimeter through POP3 or HTTP (server side) are ignored by such solutions. The dangers of file sharing applications and exposure of the internal web servers are disregarded.
2. Enforcement
Data Leak Prevention, by its definition, requires electronic enforcement of the data security policy ? i.e. the product must be able to effectively block transmission of protected data.
Many ?DLP? products being sold are actually DLD ? Data Leak Detection products. They are designed to report what data breaches have occurred, instead of stopping them in real time.
3. Content Inspection
The true DLP solution must inspect content. Making decisions based on the form (file type, file attributes etc.) or meta-data (author, language, size of attachment etc.) is not enough.
4. Accuracy
The DLP solution must be sufficiently accurate.
Among two types of errors (false positives and undetected leaks) the more dangerous error is a false positive. In the enforcement mode, even a small amount (0.1%-0.2%) of false positives can wreak havoc in the organization. Therefore, a DLP solution has to employ detection technology with virtually zero false positives.
Another aspect of accuracy is that the DLP system must protect data and not a specific form of its representation. Therefore, the DLP system must be resilient to typical modifications of the data, such as excerpting, embedding, changing file format, re-ordering, re-typing, text re-formatting etc.
5. Non-duplicating protected data.
The DLP solution must not duplicate the protected data in any form! If it does, then DLP becomes Data Leak Provoking. But many vendors still sell products, copying the data they are supposed to protect into their internal database. Encrypting such data, or keeping it in the form of the search index is not enough to satisfy this requirement!
from GTB Technologies (DLP vendor)
Posted by Wendy - GTB Technologies | 13 Apr 2010
Have your say