Data Loss Prevention System

Product Service

Special Topics in Security

Security Research

About Us

About Topsec

China's leading cyber security, big data and cloud service provider

Learn about Topsec

Company Profile

Contact Us

Zero Trust

Build a dual system security framework of zero trust inference and trusted inference.

Network DLP Overview

Network DLP is an independent gateway product designed to provide comprehensive protection and auditing of sensitive data during and after security incidents. The system can capture data transmitted through network transfer protocols, such as SMTP, HTTP/HTTPS, FTP, and SMB, as well as data transmitted through RESTful interfaces. Using deep content recognition technology, the system monitors transmitted sensitive data based on keywords defined, fingerprint library, data identifiers, weight dictionary, machine clusters, and other sensitive data matching rules, and responds to unauthorized data transmission with alarms, auditing, interruption, or approval requests. The system supports multiple types of deployment, including transparent proxy, forward/reverse proxy, and routed mode. It is applicable to various scenarios, such as IPv4, IPv6, and cloud application.

Activity & Announcement

Hot products Next Generation Firewall
Typical cases CNCC security construction project

Advantages

Deep content recognition and sensitive behavior awareness

Leveraging deep content recognition technology and industry-leading optical character recognition (OCR) engine, the system can recognize 1000+ document types and 30+ image formats, extract content from 300+ documents, and identify encryption, compression and nested compression, frequent leakage of small amounts of data, and other data-related behaviors.

Diverse deployments to suit all usage scenarios of business systems

The system supports multiple types of deployment, including transparent proxy, forward/reverse proxy, and bypass deployment. It is applicable to various scenarios, such as IPv4, IPv6, and cloud application.

Comprehensive data flow monitoring and prompt response to data leakage

The system visualizes distribution of sensitive data of different types and confidentiality levels, data transmission methods, source IP addresses, destination addresses, and other factors. It takes protective measures quickly upon sensitive data leakage violating security policies, and audits use of sensitive data, security incidents, policy execution, and other behaviors related to sensitive data.

Open architecture and flexible forms of delivery

The system has a loosely coupled architecture, in which the monitoring sub-system and management sub-system operate independently. The system supports integration with other systems through API and can be deployed on traditional networks, clouds, and big data environment. Topsec can deliver dedicated hardware devices and independent software to customers.

Application

Scenario

The Database Audit and Protection System is deployed in the network in inline mode and uses the built-in deep content recognition engine on the network DLP system to filter, identify, and intercept data transmitted.

Issues Resolved

By auditing all outgoing transfer behaviors on sensitive data and intercepting outgoing flows of sensitive data, the system eliminates risks of data leakage.
The system prevents data theft that may cause huge economic losses to a company.
Using this system, enterprises can protect personal information of customers in accordance with local laws and regulations, avoiding potential legal proceedings.

Scenario

The Database Audit and Protection System is deployed in the network in bypass mode and mirror or direct data traffic to the network DLP system for auditing.

Issues Resolved

The system audits all outward forwarding behaviors on sensitive data as well as the content being forwarded, and keeps complete records of data leakage for post-incident investigation.
Using this system, enterprises can protect personal information of customers in accordance with local laws and regulations, avoiding potential legal proceedings.
Data auditing can be implemented without changing the network architecture, reducing risks of data leakage and helping to improve employees' awareness of data security.

Scenario

The system is deployed through forward/reverse proxy. That is, the proxy feature is configured on a PC or switch, and data is transmitted through the network DLP system.

Issues Resolved

The system identifies, audits, and intercepts specified data flows to reduce risks of data leakage in cloud applications.
Using this system, enterprises can protect personal information of customers in accordance with local laws and regulations, avoiding potential legal proceedings.

Value to Customers

All-round protection against data leakage at the network layer

The built-in deep content recognition engine monitors network transmission channels and data transferred on the network, reducing risks of data leakage at the network layer.

Easy security compliance

The system provides multidimensional sensitive data monitoring to prevent leakage of confidential information and keeps records for security compliance management in the enterprise and security audits by auditing authorities.

Lower risks of reputational damage

The system prevents data leakage that may bring negative influence to a company and helps to improve employees' awareness of data security.

Visible data transfer

The system provides graphical reports concerning various factors to help administrators monitor data transfer on the intranet.

Relevant Recommendations

Product Recommendation

Special Recommendation

News Recommendation