Sensors
The Fidelis Extrusion Prevention System®, Fidelis XPS™, has a two-tiered architecture that consists of multiple policy sensors placed around the network to detect and/or prevent data leakage, and a central management console, CommandPost™, to distribute policies and then collect and organize alerts. Each of these components is delivered as a preconfigured network appliance.
Fidelis XPS provides five different types of sensors, including:
Fidelis XPS Direct:
The Fidelis XPS Direct sensor monitors and enforces policy across all 65,535 ports on the network. Deployed at the network egress point, the Fidelis XPS Direct sensor can see and manage all direct-to-internet traffic at gigabit speed.
- Choose implementation as an out-of-band sniffer, or as an inline layer 2 bridge.
- Sessions with policy violations can also be prevented by terminating individual
network sessions using TCP poisoning or by dropping traffic, depending on the
configuration.
Fidelis XPS Internal:
The Fidelis XPS Internal sensor provides an unprecedented level of visibility into and control over how information is used and misused across the enterprise by monitoring internal network traffic at gigabit speed without endpoint installations. It enables policy enforcement on both inter-departmental transfers within the organization and on potentially sensitive transfers out of the data center.
- Monitors and enforces policy for internal traffic while logging authorized data extracts and preventing unauthorized access.
- Supports protocols typically only seen inside the network (and unavailable in competitive network DLP products) including Oracle and DB2 database access, SMB/CIFS/SAMBA file transfers, and directory queries.
Fidelis XPS Mail:
The Fidelis XPS Mail sensor monitors and enforces policy for SMTP e-mail traffic, gracefully handling e-mail including quarantine, sender notification, and redirect to e-mail encryption vendors.
- Choose implementation as a mail transfer agent (MTA) accepting traffic from internal mail servers and delivering to the organization’s mail gateway, or as a Milter to inspect traffic flowing through an existing MTA.
- Messages with policy violations can be managed by preventing delivery, quarantining for further review, or redirecting to another mail gateway for secure delivery. Sender notification of the policy violation is configurable.
Fidelis XPS Proxy:
The Fidelis XPS Proxy sensor monitors and enforces policy for traffic flowing through ICAP-enabled proxy servers. Sessions with policy violations are prevented by terminating the session or by redirection to a policy page.
- Provides SSL traffic inspection (when paired with a proxy server with SSL termination capability).
- Redirects users to configurable policy page when transmission is prevented.
Fidelis XPS Scout:
Fidelis XPS Scout is the first network DLP appliance designed for audit, assessment, and incident response teams. This all-in-one portable network appliance can be easily moved between networks to help an organization measure its data leakage risks. From enabling internal or external audit or assessment to help an organization understand its data leakage risks to giving fast visibility to incident response teams into what may still be leaking after an incident, Fidelis XPS Scout is the premier solution to gain visibility into your data leakage risks.
Don’t be left out of the communication revolution.
Facebook, Linkedin, MySpace, wikis, and blogs abound. Get started today on mitigating your risks while enabling adoption of emerging technologies.
Let’s get technical. Download the Fidelis XPS Technical Overview and learn more about which sensor would be right for your organization.
GCN Declares Fidelis XPS Direct “The Product that Rocks the Boat”. Read more about why Fidelis XPS Direct was declared their Best Overall Product of the Year
Download the white paper by Robert Francis Group’s analyst Jerry Murphy, Implementing Outbound Traffic Control to Prevent Enterprise Data Loss with Extrusion Prevention