Firewall with Context based Data Leak Prevention System

Security Challenges of Businesses - Data Leak a major concern

Hundreds of Web Applications traverse a network everyday. Some of these applications, like social media provide a strong marketing tool but expose enterprise to risks. As perimeter of business boundaries is evaporating, it is leading to higher risk to business data and Intellectual Property. Intentional or unintentional data leak of information is a major concern for enterprises due to the exposure of users to increasing number of personal and business applications. The challenge that an enterprise face is that these applications use evasion techniques like dynamic or random port numbers or application emulation.  Applications like bit-torrent, facebook, gmail, webchats, skype, Instant Messaging which are popular with users constitute risk to enterprises as they are unable to affectively monitor and control these applications and content sent through these applications. This is because Firewalls don’t understand content, don’t understand applications, can’t see inside SSL-encrypted traffic, and have no understanding of users.  Enterprises are unable to match the Application risks and rewards, as Firewalls/UTM’s are unable to provide visibility and control beyond, port and protocols.


Data Leak Statistics

GajShield Firewall Data Leak Prevention

  • More than 68% of data leak happens through Web and Email
  • GajShield unique patent pending ‘Context Sensitive Data Leak Prevention’ help prevent data leak


Why is Data Leak a Concern? This is what customers are telling us about Data Leaks.

  • Loss of Sensitive Information - "I don’t know how we can control data from being sent in email or uploaded to the Web."
  • Inadvertent Misuse -  "Most of our policy violations and information breaches are accidental!"
  • Collaboration Risk - "I think some of my employees are posting and sharing confidential information on Social Networking Site like Facebook."
  • Context Sensitive - “My current Data Leak Prevention System causes a lots of false positive and block data as it is unable to understand the Web application.”
  • In-depth Visibility - "Need in-depth visibility on the sensitive data that my employees are uploading. Would be wonderful, if it could give this information in a readable format."
  • Data Leak outside Network Perimeter - "What happens when my employees carry their laptop while travelling. Need to control and prevent leaks even when they are out of office.”


GajShield’s Next Generation Firewall Context based Data Leak Prevention enables to control and mitigate leak of information:

GajShield’s context based Data Leak Prevention system understand web application by creating context which helps an enterprise to setup policies based on the web application instead of IPs, Usernames which have no relevance to the above application.

For Example

  • You can create policies based on the ‘From’, ‘To’, ‘Subject’, ‘Email Data’, ‘Attachments’ of email applications.
  • Reduces false positives with greater control over data leaks.
  • Provides better data leak prevention than simple regex matching.

Limit access to Internet Web Applications

Enterprise need access to Social Media applications like Facebook to grow their business as it provides a wonderful marketing tool to reach out to its existing or future customers. Providing access to Facebook can also lead to leaking information, intentionally or un-intentionally. Similarly, access to applications like Twitter, Gmail, Yahoo Mail is also required in this connected world.

With the help of GajShield Data Leak Prevention System you can now setup policies to limit the access of these applications based on authorised users of these application who have been given access by your organization. For example, you can restrict your corporate yahoo id to login to yahoo. All other ids will be blocked. Personal usage, even if the user is allowed to access yahoo, will be blocked. Similar policies can be setup even on Social Media sites.

GajShield Firewall's Data Leak Prevention allows enterprise user to access to rich Web application without compromising security.

GajShield Firewall's Data Leak Prevention features

  • Giving visibility on the applications used and not just the ports or protocols.
  • Monitor and block files being uploaded on the internet with details of the application used and the user who used to upload this file.
  • Monitor IM & Web chats and block content, if data leak is suspected.
  • Policies can be set based on users, groups. Also based on the application context.
  • Schedule DLP policies, for example, you may want to allow certain files after a particular time when this information becomes public.
  • Get detailed information of outbound data going on internet.
  • In-depth reporting of data moving out of network.
  • No agent installation required for DLP on PC’s.
  • Easy to manage & monitor logs.
  • Complete visibility of data going through encrypted HTTPS traffic.
  • Generic web traffic can also be blocked, allowed & logged.
  • Powerful DLP Engine sense data on filters set in DLP polices for a granular analysis.
  • DLP & UTM on a single appliance, which makes it cost effective.
  • Identifies Who is accessing Which application and What content is being sent out.
  • Monitor & Block unwanted applications like P2P, Open proxies – to reduce the chance of information leak.
  • Easy to configure and integrated into single firewall policy window.
  • Standard data leak templates provided to quick setup your DLP feature on GajShield firewall.