Fidelis XPS™ has a two-tiered Deep Session Inspection™ architecture that consists of multiple policy sensors placed around the network to detect and/or prevent data breaches, and a central management console, CommandPost™, to distribute policies and then collect and organize alerts. Each of these components is delivered as a preconfigured network or virtual appliance. Because of this extraordinary network visibility over all ports and protocols, Fidelis XPS overcomes the vulnerabilities in traditional DLP tools, which often do not have visibility into or prevention capability over non-standard ports.
Fidelis XPS provides seven different types of data breach prevention sensors, including:
The Fidelis XPS Direct sensor monitors and enforces policy across all 65,535 ports on the network. Deployed at the network egress point, the Fidelis XPS Direct sensor can see and manage all direct-to-internet traffic at multi-gigabit speed.
The Fidelis XPS Edge sensor is designed to monitor and enforce policy for traffic flowing to the internet via all ports, and via ICAP-enabled proxy servers— consolidating the function of Fidelis XPS Direct and Fidelis XPS Proxy into a single network appliance that is perfectly suited for a remote office environment.
The Fidelis XPS Internal sensor provides an unprecedented level of network visibility into and control over how information is used and misused across the enterprise by monitoring internal network traffic at multi-gigabit-speed without endpoint installations. It enables policy enforcement on both inter-departmental transfers within the organization and on potentially sensitive transfers out of the data center.
The Fidelis XPS Web sensor (formerly known as Fidelis XPS Proxy) monitors and enforces policy for traffic flowing through ICAP-enabled proxy servers. Sessions with policy violations are prevented by terminating the session or by redirection to a policy page.
The Fidelis XPS Mail sensor monitors and enforces policy for SMTP e-mail traffic, gracefully handling e-mail including quarantine, sender notification, and redirect to e-mail encryption solutions.
Through a scalable, blade-based architecture, Fidelis XPS BladeArray provides real-time analysis of traffic coming in and leaving networks to enable customers to maintain their security posture on high capacity networks at key points of control such as Internet Access Points and internal aggregation points (such as those leading to a DataCenter or campus distribution point).
Fidelis XPS Scout is a portable appliance designed to provide the comprehensive network visibility of Fidelis XPS to audit, assessment, and incident response teams. This all-in-one portable network appliance can be easily moved between networks to help an organization measure its data leakage risks. From enabling internal or external audit or assessment to help an organization understand its risk of data breaches to giving fast visibility to incident response teams into what may still be leaking after an incident, Fidelis XPS Scout is the premier solution to gain visibility into those potential risks.