Built on the patented Deep Session Inspection® architecture, Fidelis XPS™ is able to understand the context of data flowing into and throughout a particular network being protected, and any unauthorized data exiting the network can be identified and prevented from ever leaving. Unlike document cracking and content analysis components created by third parties, Fidelis XPS has been architected from the ground up to see, study, and stop advanced threats.
Deep Session Inspection employs a unique five-step content inspection process to analyze network traffic – providing the visibility, analysis, and control options necessary to prevent data breaches. Combining accuracy with speed, the steps are executed in memory (not on disk) so advanced threats and data theft can be prevented in real time.
Step 1. Packet Capture: Packets are captured flowing across the network either out-of-band or inline on the network.
Step 2. Session Reassembly: Session packets are reassembled in memory into sessions in order to conduct deep session and payload content inspection.
Step 3. Channel Control: Channels are analyzed and usage policies are automatically executed, enabling an organization to see and control what is occurring across the network and detect and contain traffic that creates significant data theft risk.
Step 4. Payload Decoding: Sessions are analyzed for document type rules and the content inside the documents is exposed for analysis.
Step 5. Content Recognition and Analysis: Critical or sensitive information is identified (based on characteristics) by sophisticated statistical and pattern-recognition content analyzers.