FacebookTwitterLinkedIn


Support Login  |  Partner Login  |  Contact Us
products section
Home » Products » Fidelis XPS
» Sensors

Sensors

The Fidelis Extrusion Prevention System®, Fidelis XPS™, has a two-tiered Deep Session Inspection™ architecture that consists of multiple policy sensors placed around the network to detect and/or prevent data breaches, and a central management console, CommandPost™, to distribute policies and then collect and organize alerts. Each of these components is delivered as a preconfigured network or virtual appliance.

Fidelis XPS provides seven different types of sensors, including:

Fidelis XPS Direct:

The Fidelis XPS Direct sensor monitors and enforces policy across all 65,535 ports on the network. Deployed at the network egress point, the Fidelis XPS Direct sensor can see and manage all direct-to-internet traffic at multi-gigabit speed.

  • Choose implementation as an out-of-band sniffer, or as an inline layer 2 bridge.
  • Sessions with policy violations can also be prevented by terminating individual
    network sessions using TCP poisoning or by dropping traffic, depending on the
    configuration.

Fidelis XPS Edge:

The Fidelis XPS Edge sensor is designed to monitor and enforce policy for traffic flowing to the internet via all ports, and via ICAP-enabled proxy servers— consolidating the function of Fidelis XPS Direct and Fidelis XPS Proxy into a single network appliance that is perfectly suited for a remote office environment.

  • Delivers comprehensive visibility and control for all outbound network traffic to meet the needs of organizations with decentralized network egress points and the requirement to deploy comprehensive information protection at the remote office level.
  • Simplifies deployment at the internet gateway by consolidating network data breach prevention functionality into a single sensor.

Fidelis XPS Internal:

The Fidelis XPS Internal sensor provides an unprecedented level of visibility into and control over how information is used and misused across the enterprise by monitoring internal network traffic at multi-gigabit-speed without endpoint installations. It enables policy enforcement on both inter-departmental transfers within the organization and on potentially sensitive transfers out of the data center.

  • Monitors and enforces policy for internal traffic while logging authorized data extracts and preventing unauthorized access.
  • Supports protocols typically only seen inside the network (and unavailable in traditional network “DLP” products) including Oracle and DB2 database access, SMB/CIFS/SAMBA file transfers, and directory queries.

Fidelis XPS Proxy:

The Fidelis XPS Proxy sensor monitors and enforces policy for traffic flowing through ICAP-enabled proxy servers. Sessions with policy violations are prevented by terminating the session or by redirection to a policy page.

  • Provides SSL traffic inspection (when paired with a proxy server with SSL termination capability).
  • Redirects users to configurable policy page when transmission is prevented.

Fidelis XPS Mail:

The Fidelis XPS Mail sensor monitors and enforces policy for SMTP e-mail traffic, gracefully handling e-mail including quarantine, sender notification, and redirect to e-mail encryption solutions.

  • Choose implementation as a mail transfer agent (MTA) accepting traffic from internal mail servers and delivering to the organization’s mail gateway, or as a Milter to inspect traffic flowing through an existing MTA.
  • Messages with policy violations can be managed by preventing delivery, quarantining for further review, or redirecting to another mail gateway for secure delivery. Sender notification of the policy violation is configurable.

Fidelis XPS Connect:

Fidelis XPS Connect extends business critical content-awareness to the entire enterprise by leveraging Fidelis XPS' core architecture, including purpose-built document decoding, content analysis, and content policy definition technologies.

  • Minimize development time, effort, and expense via Simple Content Inspection Protocol (SCIP), a network based, programmatic interface.
  • Easily add business-critical content awareness to complementary security solutions to enforce policy-based decisions regarding the storage, transfer, or movement of enterprise data.

Fidelis XPS Scout:

Fidelis XPS Scout is a portable appliance designed to provide the comprehensive visibility of Fidelis XPS to audit, assessment, and incident response teams. This all-in-one portable network appliance can be easily moved between networks to help an organization measure its data leakage risks. From enabling internal or external audit or assessment to help an organization understand its risk of data breaches to giving fast visibility to incident response teams into what may still be leaking after an incident, Fidelis XPS Scout is the premier solution to gain visibility into those potential risks.