Data Loss Prevention News


DeviceLock® 7.0 just released!

DeviceLock, Inc., a leading developer of endpoint data leak prevention software, today announced the general availability of DeviceLock 7.0 Endpoint DLP Suite – the first version of its flagship product to extend contextual controls to a wide breadth of endpoint network communications and to enforce essential content filtering across various data channels on corporate endpoint computers.

With the separately licensed NetworkLock™ component, contextual protocol control is extended to FTP/S, HTTP/HTTPS, SMTP/S, Telnet, instant messengers, webmail, and social networking applications such as Twitter, Gmail and Facebook. Another new module, ContentLock™, enables the monitoring and filtering of textual content in files and data objects based on content rules that leverage context, regular expressions, numerical conditioning and Boolean operators. Pre-configured templates for detecting common data patterns, sensitive keywords, document properties, file types, and more are included and simple to configure or copy to make customized rules. The complete package delivers an unprecedented level of performance among endpoint DLP solutions in the same price range.

What's New in DeviceLock® 7.0 (versus 6.4.1):

  • Added new optional component - NetworkLock (NL) with comprehensive context control capabilities over endpoint network communications. NL supports port-independent network protocol and application detection and selective blocking, message and session reconstruction with file, data, and parameter extraction, as well as event logging and data shadowing. NL controls most popular network protocols and applications such as: plain and SSL-protected SMTP email communications (with messages and attachments controlled separately), web access and other HTTP-based applications including content inspection of encrypted HTTPS sessions (specifically, webmail and social networking applications like Gmail, Yahoo! Mail, Windows Live Mail, Facebook, Twitter, LiveJournal, etc.), Instant Messengers (ICQ/AOL, MSN Messenger, Jabber, IRC, Yahoo! Messenger, Agent), file transfers over FTP and FTP-SSL protocols, as well as telnet sessions.

  • Added new optional component - ContentLock (CL). CL brings more complex rules to "Content-Aware Rules". Now you can not only grant or deny access to information based on real file types but also create regular expressions (RegExp) patterns with numerical conditions and boolean combinations of matching criteria and keywords. Recognizing more than eighty file formats and data types, CL extracts and filters the content of data copied to removable drives and plug-n-play storage devices, as well as that transmitted over the network. With CL you can also filter shadowed data down to just those pieces of information meaningful to security auditing, incident investigations and forensic analysis before saving in the shadow log. This tremendously reduces storage space and network bandwidth requirements for shadow log delivery to the central database.

  • Now in "Content-Aware Rules" you can create rules for image files based on whether the image contains text or not. This feature allows you to define special rules for document's screenshots and other images with textual information.

  • Added new device type "Clipboard" to Permissions, Auditing & Shadowing and in graphical reports.

  • Now when applying content rules to archive files (zip, rar, etc.), all files are extracted from an archive are analyzing separately.

  • Added new "Archives content inspection on read" and "Archives content inspection on write" parameters to the Service Options which allow you to enable/disable the unpacking of file archives.

  • Now the file type detection engine can detect images inside PDF files and MS Office documents.

  • Added integration with BitLocker To Go (BL2G), the Windows 7 native data encryption solution for removable drives. DeviceLock detects encrypted BL2G disks and applies special "encrypted" permissions to them.

  • Added new parameter "Merge Interval" to DeviceLock Search Server.

  • Added ability to whitelist SSL connections, so that DeviceLock can be setup to allow third-party applications with embedded SSL certificates to connect to their servers.

  • You can now define a custom message to be displayed to users when a denied attempt is made to use a network protocol.

  • Added a notification message that is displayed to users when the content inspection is in progress.

  • The user manual has been significantly updated to include information about all new features.

  • Improvements in the setup routine for installation update and uninstall.

  • Many internal improvements to DeviceLock Service and DeviceLock Driver.

  • Many GUI improvements.

DeviceLock 7.0 Endpoint DLP Suite components are priced on a modular basis. DeviceLock 7.0, a leading port and peripheral device access control component, can be purchased independently. As all components are included in any Suite’s installation, customers interested in the ContentLock and NetworkLock add-on components can deploy their DLP functionality incrementally by simply turning on additional capabilities as their security requirements demand and budgets allow.


News archive