Support Login  |  Partner Login  |  Contact Us
products section


Fidelis XPS™ has a two-tiered Deep Session Inspection™ architecture that consists of multiple policy sensors placed around the network to detect and/or prevent data breaches, and a central management console, CommandPost™, to distribute policies and then collect and organize alerts. Each of these components is delivered as a preconfigured network or virtual appliance. Because of this extraordinary network visibility over all ports and protocols, Fidelis XPS overcomes the vulnerabilities in traditional DLP tools, which often do not have visibility into or prevention capability over non-standard ports.

Fidelis XPS provides seven different types of data breach prevention sensors, including:

Fidelis XPS Direct:

The Fidelis XPS Direct sensor monitors and enforces policy across all 65,535 ports on the network. Deployed at the network egress point, the Fidelis XPS Direct sensor can see and manage all direct-to-internet traffic at multi-gigabit speed.

  • Choose implementation as an out-of-band sniffer, or as an inline layer 2 bridge.
  • Sessions with policy violations can also be prevented by terminating individual
    network sessions using TCP poisoning or by dropping traffic, depending on the

Fidelis XPS Edge:

The Fidelis XPS Edge sensor is designed to monitor and enforce policy for traffic flowing to the internet via all ports, and via ICAP-enabled proxy servers— consolidating the function of Fidelis XPS Direct and Fidelis XPS Proxy into a single network appliance that is perfectly suited for a remote office environment.

  • Delivers comprehensive network visibility and control for all outbound network traffic to meet the needs of organizations with decentralized network egress points and the requirement to deploy comprehensive information protection at the remote office level.
  • Simplifies deployment at the internet gateway by consolidating network data breach prevention functionality into a single sensor.

Fidelis XPS Internal:

The Fidelis XPS Internal sensor provides an unprecedented level of network visibility into and control over how information is used and misused across the enterprise by monitoring internal network traffic at multi-gigabit-speed without endpoint installations. It enables policy enforcement on both inter-departmental transfers within the organization and on potentially sensitive transfers out of the data center.

  • Monitors and enforces policy for internal traffic while logging authorized data extracts and preventing unauthorized access.
  • Supports protocols typically only seen inside the network (and unavailable in traditional network “DLP” products) including Oracle and DB2 database access, SMB/CIFS/SAMBA file transfers, and directory queries.

Fidelis XPS Web (formerly known as "Proxy"):

The Fidelis XPS Web sensor (formerly known as Fidelis XPS Proxy) monitors and enforces policy for traffic flowing through ICAP-enabled proxy servers. Sessions with policy violations are prevented by terminating the session or by redirection to a policy page.

  • Provides SSL traffic inspection (when paired with a proxy server with SSL termination capability).
  • Redirects users to configurable policy page when transmission is prevented.

Fidelis XPS Mail:

The Fidelis XPS Mail sensor monitors and enforces policy for SMTP e-mail traffic, gracefully handling e-mail including quarantine, sender notification, and redirect to e-mail encryption solutions.

  • Choose implementation as a mail transfer agent (MTA) accepting traffic from internal mail servers and delivering to the organization’s mail gateway, or as a Milter to inspect traffic flowing through an existing MTA.
  • Messages with policy violations can be managed by preventing delivery, quarantining for further review, or redirecting to another mail gateway for secure delivery. Sender notification of the policy violation is configurable.

Fidelis XPS BladeArray:

Through a scalable, blade-based architecture, Fidelis XPS BladeArray provides real-time analysis of traffic coming in and leaving networks to enable customers to maintain their security posture on high capacity networks at key points of control such as Internet Access Points and internal aggregation points (such as those leading to a DataCenter or campus distribution point).

  • Supports full analysis and prevention up to 20Gbps (aggregate) and is delivered on an enterprise-ready hardware platform.
  • High availability and adaptive load balancing through internal fault detection, re-route traffic away from blades that have been detected as having failed; and correct for cases where uneven traffic distribution causes overload conditions on individual blades.
  • Also available in a NEBS-compliant chassis, making it suitable for deployment in Telecom environments with stringent reliability and quality of service requirements.

Fidelis XPS Scout:

Fidelis XPS Scout is a portable appliance designed to provide the comprehensive network visibility of Fidelis XPS to audit, assessment, and incident response teams. This all-in-one portable network appliance can be easily moved between networks to help an organization measure its data leakage risks. From enabling internal or external audit or assessment to help an organization understand its risk of data breaches to giving fast visibility to incident response teams into what may still be leaking after an incident, Fidelis XPS Scout is the premier solution to gain visibility into those potential risks.

secondary navigation resources