LeakWall 3.0 is released and available for download. By this release LeakWall is passing a new milestone towards universal content-aware DLP solution which now integrates:
- content filtering for devices, printers, e-mail, web and etc.
- content discovery
- content encryption
- device control
- applications policies
- central management via AD
- comprehensive reporting and audit notifications.
LeakWall 3.0 has following new features:
Data Discovery
The feature assumes scanning of end-point’s local hard disk to identify classified files. Identified files should be logged with operation type “discovery”.
The discovery is performed in background scanning procedure that is running with lowest priority and does not affect end-point performance. LeakWall console expose new type of controlled operation called "discovery" in addition to "copy", "access" and "modify".
The “discovery” allows to identify locally stored confidential files and produce a comprehensive report that facilitates creation of LeakWall policy.
Encryption Action
Encryption action is a new action LeakWall policy may apply for the rule. The action mandates encryption of sensitive files. The encryption relies on Microsoft EFS (Encryption File System) that actually encrypt files. The action is available in conjunction with “discovery” operation.
Encrypted files are transparently accessible only by users who have Windows domain account. No knowledge of additional password or key is required.
Rule Overriding Option
It is possible that LeakWall policy may block a required operation, such as sending confidential data by e-mail, printing it or copying it to a memory stick. An operation might be critical and blocking might disrupt business process.
A solution would be LeakWall policy update in order to allow the specific blocked operation. However, the policy updates could be complicated and create sophisticated configuration. Moreover, update via Group Policy cannot be immediate and at average takes 30 minutes for settings to be delivered.
A better solution is rule overriding option. The option might be applied for every blocking policy rule. Once option is applied, every access denied message, which appears at tray, contains an unblocking link. Following the link user receive an operation code, number, that should be communicated to helpdesk administrator via phone or e-mail. Helpdesk administrator should send back a pass code number which unblocks the operation for user.
LeakWall access denied message are customizable in order to integrate proper message and helpdesk contacts.
XML Feeds