Overview
Forcepoint DLP can protect organizations from information leaks and data loss at the perimeter and inside the organization, as well as in certain Infrastructure as a Service (IaaS) platforms.
- Forcepoint Data Discovery can be used to learn the location of sensitive data both on-premises an in supported cloud-based applications. It can be used to scan data on file servers, email servers, and databases, as well as in content collaboration applications, such as Microsoft SharePoint and Box.
- Forcepoint DLP Network can be used to prevent data loss through email and over web channels (HTTP, HTTPS and FTP). It supports the scanning of content supplied by third-party solutions, such as Citrix FileShare, via the ICAP protocol.
- With Forcepoint DLP Endpoint, an endpoint agent can be used to prevent data loss over endpoint channels such as removable storage devices, browser uploads, and email clients and applications (such as IM and file share clients). It can also discover and remediate sensitive data stored on laptop and desktop systems. The endpoint agent lets administrators analyze content within a user’s working environment and block or monitor policy breaches as defined by the endpoint profiles.
The basic components of Forcepoint DLP solutions are:
- Management server
The management server hosts both the Forcepoint Security Manager (the graphical interface used to manage Forcepoint DLP and other Forcepoint security solutions) and core Forcepoint DLP components. It also acts as the primary Forcepoint DLP server.
Although there is only one management server, additional Forcepoint DLP servers may be deployed for load balancing.
- Protector (requires a Forcepoint DLP Network subscription)
The protector intercepts and analyzes traffic on SMTP, HTTP(S), and FTP channels, among others. It also supports DLP content scanning with third-party proxies and data sharing solutions via ICAP.
- Agents
A variety of agents extend Forcepoint DLP functionality to work with cloud applications (CASB service) and so on.
- Endpoint clients
Endpoint client software runs on end user desktop and laptop machines