02/20/2013

DeviceLock® Endpoint DLP Suite 7.2 now shipping!

DeviceLock, Inc., a worldwide leader in endpoint data leak prevention (DLP) software solutions, announced today that version 7.2 of the popular Endpoint DLP Suite software has been released for general availability. This new version includes highly anticipated alerting capabilities as well as pioneering DLP control features over several additional network protocols, applications and social networks commonly accessed by endpoints.

DeviceLock 7.2 administrators or auditors can now be conditionally alerted via SMTP email or SNMP traps when particular endpoint events occur with peripheral ports, devices, and network protocols. This gives DeviceLock customers the flexibility of either integrating seamlessly with their existing log management and SIEM infrastructure or simply using the new DeviceLock built-in alerting capabilities.

DeviceLock 7.2 protects organizations against data leakage through such popular and difficult to secure services as Skype™, Facebook, and web-based file sharing services without disrupting their acceptable use for approved business communications and processes. In addition, DeviceLock’s Endpoint DLP Suite software provides unprecedented data leak prevention for customers who use the MAPI protocol by enforcing granular contextual controls and content filtering of native Microsoft Exchange email communications and attachments directly at the endpoint. MAPI implementation makes DeviceLock DLP a strategic security component for those migrating to hosted Exchange solutions where the messaging gateway is generically controlled by a third party and may not stop sensitive email content as desired or as necessary for compliance.

To further support BYOD initiatives, DeviceLock Endpoint DLP now offers Virtual DLP to mitigate the threat of data loss in desktop and application virtualization scenarios from major vendors, such as Microsoft, Citrix and VMware. This support allows platform and device-independent data leak prevention for BYOD devices connecting to virtual Windows environments, which can be managed side by side with the physical endpoints.

What's New in DeviceLock® 7.2 (versus 7.1):

• NetworkLock: Added new protocol: "SMB" for handling local network files on shares. "SMB" control supports contextual blocking, allowing, auditing, alerting, shadowing, content analysis (for contingent shadowing) for incoming and outgoing files.
  
  
• NetworkLock: Added new protocol: "MAPI" for handling Microsoft Exchange email transactions using the Microsoft Outlook client. "MAPI" supports blocking, allowing, auditing, alerting, shadowing and content analysis separately for outgoing messages and file attachments as well as auditing, alerting, shadowing and content analysis (for contingent shadowing) for incoming messages and file attachments.
  
  
• NetworkLock: Added new protocol: "File Sharing" for web-based file exchange and synchronization services. "File Sharing" supports blocking, allowing, auditing, alerting, shadowing and content analysis of Dropbox, Amazon S3, Google Drive/Docs, MS SkyDrive, RapidShare, Yandex.Disk, Narod.ru and iFolder.ru (rusfolder) file-exchange services when using a web-based connection rather than the native application.
  
  
• NetworkLock: Added new protocol: "Skype". "Skype" control supports blocking, allowing, auditing, shadowing and content analysis of outgoing instant messages and files as well as auditing, alerting, shadowing and content analysis (for contingent shadowing) for incoming instant messages and files. Also, supports blocking, allowing, alerting and auditing of incoming and outgoing audio/video calls.
  
  
• NetworkLock: Added new feature: "Basic IP Firewall". "Basic IP Firewall" can block TCP and UDP connections via protocols that are NOT otherwise supported by NetworkLock’s list of managed Protocols. "Basic IP Firewall" can be used as a "catch-all-others" control to prevent both inbound and outbound traffic over connections like Radmin, SSH, SFTP, TFTP, NFS, LDAP, and others with the ability to allow or deny specified hosts/ports/IP addresses/ranges and conditionally alert on the activity.
  
  
• NetworkLock: Added support for the IPv6 data interception and control at the protocols level.
  
  
• NetworkLock: Added support for Disqus comment system in the Social Networks control.
  
  
• NetworkLock: Added support for social networks Tumblr and LiveInternet.
  
  
• NetworkLock: Added support for Facebook API and Vkontakte API.
  
  
• NetworkLock: Added support for blocking, allowing, auditing, alerting, shadowing and content analyzing of outgoing files as well as auditing, alerting, shadowing and content analysis (for contingent shadowing) for incoming files sent via the supported Instant Messengers.
  
  
• NetworkLock: Added "Block proxy traffic" parameter in Security Settings that allows for the blocking of network communications through proxy servers HTTP/HTTPS, SOCKS4, and SOCKS5 protocols.
  
  
• NetworkLock: Added new parameter "Content Inspection" to Protocols White List. It allows administrators to optionally enforce Content-Aware Rules checking for connections otherwise allowed by specific Protocols White List rules.
  
  
• NetworkLock: Added new option "If this rule triggers" to Protocol White List for "ANY" and "SSL" rules. Ii allows administrators to enable/disable auditing and alert notifications for connections permitted by Protocols White List rules.
  
  
• NetworkLock: Added support for SSL 2.0.
  
  
• NetworkLock: Increased data exchange speed for HTTPS and FTPS connections.
  
  
• NetworkLock: Improved support for Facebook, XING, Google+, Vkontakte, Odnoklassniki, StudiVZ.de, MeinVZ.de, and SchuelerVZ.net social networks.
  
  
• NetworkLock: Improved support for the Gmail, Hotmail (Outlook.com), Web.de, Mail.ru, Rambler Mail, and Yandex Mail webmail services.
  
  
• NetworkLock: Improved support for the AOL Instant Messenger (AIM) protocol.
  
  
• NetworkLock: Improved content-aware rules support for Mail.ru Agent.
  
  
• NetworkLock: Improved support for IRC auditing and shadowing in Thunderbird client.
  
  
• NetworkLock: SSL permissions for Jabber and Mail.ru Agent have been deprecated and merged. All communications (both Generic and SSL) are now controlled by Generic permission settings.
  
  
• NetworkLock: Fixed error that caused BSOD in "srvnet.sys" on Windows 7.
  
  
• ContentLock: Added support for Oracle IRM. ContentLock can check whether the file sealed or not; can detect the context, seal and last modification time. Also, the Oracle IRM control can unpack sealed files and perform analysis of the file’s content.
  
  
• ContentLock: Content-aware rules for Permissions can now be enabled for the Printers device type in addition to the Printer Shadowing content rules previously available. This control is Printer-independent and there is no requirement to save the file to the file system prior to printing for the content analysis filtering to occur.
  
  
• ContentLock: Added ability to perform content analysis for text and unidentified content copied via Clipboard for regular and virtual/terminal server Windows environments. Shadowing Content Aware Rules are supported for text and unidentified content copied via Clipboard for regular and virtual/terminal server Windows environments.
  
  
• ContentLock: Added new Regular Expression pattern templates: American Name, Austria SSN, China National ID, Danish Personal ID, Dollar Amount, Dominican Republic ID Number, Finnish ID, France INSEE Code, French NINO, German eTIN, German Phone Number, Health Insurance Claim, US/UK Home Address, Irish PPSN, Irish VAT, Norwegian Birth Number, National Provider Identifier, Polish ID Number, RAMQ, ROK Registration Number, Spanish DNI, Spanish NIF, Spanish SSN, Sweden Phone Number, Sweden Post Code, Sweden Personal ID, Scotland Community Health Index, Taiwan ID Number, UK NHS Number, and Canadian Postal Code.
  
  
• ContentLock: Added search morphology (linguistics) for keywords. It supports Catalan, English, French, German, Italian, Polish, Portuguese, Russian, and Spanish languages.
  
  
• ContentLock: New option for Regular Expression pattern content templates: "Count identical matches as one match".
  
  
• ContentLock: Added "Extended Document Properties" control. It allows ContentLock to logically block, allow, and shadow documents and identify content based on the following fields of compound documents: Title, Subject, Tags, Categories, Comments, Authors, Last saved by, Company and Manager.
  
  
• ContentLock: Added search support for Russian transliterated words in content-aware rules when the "Word Forms" flag is enabled.
  
  
• ContentLock: Improved processing performance for PDF files that contain many embedded images.
  
  
• ContentLock: Significant improvements in the MS Office documents (doc, docx, ppt, pptx, xls, xlsx, rtf) processing speed and attachments extraction.
  
  
• ContentLock: Fixed issue with "Archives content inspection on read" and "Archives content inspection on write" options when inspecting MS Office documents for attachments and embedded images.
  
  
• ContentLock: Improvements in memory management when processing Content-Aware Rules with the "Word forms" option enabled for keywords.
  
  
• DeviceLock: Added real-time event-based alerts. Alerts can be sent via SMTP emails and/or SNMP protocols. There are two types of alerts: administrative (e.g. service settings change, DeviceLock agent termination, changes made in the list of DeviceLock Administrators, user’s unsuccessful attempts to change the policy and so on) and device/protocol specific alerts – administrator can configure such alerts the same way as audit rules. DeviceLock provides a queue for alerts so the endpoints can send them later if either of the designated alert communication channels (SMTP and/or SNMP) are unavailable at the time the alerts are generated.
  
  
• DeviceLock: Added new device type: TS Devices. It supports Removable drives, Serial ports and USB devices forwarded in terminal session. It also includes сlipboard operations in terminal and/or virtual environments. Supported environments are: MS RDP/RDS (including MS RemoteFX), Citrix XenApp, Citrix XenDesktop, Citrix XenServer, VMware View, MS VirtualPC, and Oracle VM VirtualBox.
  
  
• DeviceLock: Added new component: DeviceLock WebConsole. It brings the ability to manage DeviceLock Service, DeviceLock Enterprise Server, DeviceLock Content Security Search Server and edit DeviceLock Service settings files from any internet browser.
  
  
• DeviceLock: Added "Safe File Overwrite" feature which prevents user’s original file deletion following write-denied file activities with the same file name. While the changes are not kept due to the content violation, the original file remains in the folder. An audit log event is recorded when the original file is restored by the "Safe File Overwrite" feature after an attempted file-save that included ContentLock-blocked content occurs.
  
  
• DeviceLock: Now it is possible to enable/disable audit or send alerts for certain content-aware rules (devices & protocols).
  
  
• DeviceLock: Added new Service Options parameter: "Audit folder operations" which allows administrator to enable/disable audit for user’s folder operations on storage devices.
  
  
• DeviceLock: Added new Service Options parameter: "Audit log threshold for file operations" which allows administrator to roll-up similar audit events during specified period of time.
  
  
• DeviceLock: Added new flag that simplifies configuration for enabling/disabling auditing and shadowing of removable, floppy and optical drives allowed via USB White List.
  
  
• DeviceLock: Added new flag that simplifies configuration for enabling/disabling auditing and shadowing of optical media allowed via Media White List.
  
  
• DeviceLock: Added new "Read-only" flag in USB White List and Temporary White List for removable, floppy and optical drives to simplify this configuration option.
  
  
• DeviceLock: Added new column to the audit log viewer: "Reason". "Reason" displays the subsystem that allowed or denied access based on DeviceLock policy.
  
  
• DeviceLock: Added "Format" permission to audit & shadowing options for storage devices.
  
  
• DeviceLock: Added shadowing support for the Clipboard device type control.
  
  
• DeviceLock: Improved support of shadowing for printers. Now, PDF files are created for the shadow copies of printed data.
  
  
• DeviceLock: Shadowing content-aware rules now apply only to that type of data which is specified in the rule. For example, if administrator creates a rule for Windows Mobile "contacts" data type, this rule will not affect files shadowed for other data types for Windows Mobile device.
  
  
• DeviceLock: Optionally, the DeviceLock Service can now send just the filenames of shadowed data files to the DeviceLock Enterprise Server’s repository and continue to store the original file data locally on the source endpoints if desired.
  
  
• DeviceLock: Improved and optimized data compression for audit and shadow data sent to DeviceLock Enterprise Server.
  
  
• DeviceLock: Major improvements in audit for devices. Several events that were considered redundant are not logged anymore.
  
  
• DeviceLock: Major enhancements in protection against local administrator tampering. Now DeviceLock can monitor and restore its files and settings in case they were modified or removed by the user. Also, DeviceLock can protect system’s hosts file from tampering.
  
  
• DeviceLock: Added "Use strong integrity check" parameter to DeviceLock Administrators tamper protection feature. When enabled it allows DeviceLock Service to check the digital signature of all its executable components.
  
  
• DeviceLock: DeviceLock Search Server now able to perform full-text search inside files within archives that have been shadow-copied.
  
  
• DeviceLock: The search page of DeviceLock Search Server now shows the history of search queries for quick reference and re-use.
  
  
• DeviceLock: Now it is possible to add computers from Active Directory or from any LDAP tree to the static list in DeviceLock Enterprise Server central monitoring tasks.
  
  
• DeviceLock: Added the "Switch PostScript printer to non-PostScript mode" parameter in Security Settings to enable shadowing and content-aware rules for PostScript printers.
  
  
• DeviceLock: Added "Undefine ContentLock policy" and "Undefine NetworkLock policy" parameters in the management consoles user interface. These parameters allow administrators to quickly and completely remove the ContentLock and NetworkLock settings from the DeviceLock policy.
  
  
• DeviceLock: DeviceLock Management Console now remembers credentials used to connect to DeviceLock Service, DeviceLock Enterprise Server, and DeviceLock Content Security Search Server and allows administrator to use them when connecting to the same computer.
  
  
• DeviceLock: DeviceLock Management Console can now display the total license limit amount and the number of DeviceLock endpoint licenses actually used for audit and shadow data collection and monitoring by the DeviceLock Enterprise Server.
  
  
• DeviceLock: DeviceLock Management Console can now display the total license limit amount and the actual number of DeviceLock Search Server licenses actually used for DeviceLock Enterprise Server shadow log and audit logs indexing.
  
  
• DeviceLock: Devices in the USB White List are not treated as keyloggers anymore.
  
  
• DeviceLock: Improvements in Temporary White List to restrict temporary device access to only the user who originally requested access with DeviceLock Control Panel applet code.
  
  
• DeviceLock: Added NDIS driver support to better handle network interface cards (USB, WiFi, etc.) access control and auditing.
  
  
• DeviceLock: Added new audit log reports: "DeviceLock Service versions", "DeviceLock Service versions by computers" and "Top used printers".
  
  
• DeviceLock: The DeviceLock Management Console’s Enterprise Server Reports for "Top active computers", "Top active users", "Top copied files, "Top used USB devices" and "Copied files per channel" have been extended to show failed shadow copies.
  
  
• DeviceLock: The DeviceLock Management Console’s Enterprise Server "Top inserted USB & FireWire devices" report has been extended to show separate ratings for allowed and denied operations.
  
  
• DeviceLock: Improved certificate authorization logic in DeviceLock Enterprise Server (DLES). Now, when authorization based on DeviceLock Certificates is used, DeviceLock Enterprise Server uses less CPU time.
  
  
• DeviceLock: Fixed latency scenario where the DeviceLock Service operated with its default settings for a short period of time while waiting for group policy settings to arrive from the domain controller.
  
  
• DeviceLock: Improved Temporary White List functionality in the VMware View versions 4.6 and 5.1 environment.
  
  
• DeviceLock: Compatibility provided to run applications virtualized with VMware ThinApp.
  
  
• DeviceLock: Improved CPU load performance when Internet Explorer is launched on Windows XP in the Hyper-V environment.
  
  
• DeviceLock: Added USB White List support for virtual USB devices that are forwarded using Thinstuff XP/VS Terminal Server and USB Redirector software.
  
  
• DeviceLock: Fixed compatibility issues with third-party hardware: Commerzbank Signature stick, Huawei E173 3G modem, and Vimicro USB web camera.
  
  
• DeviceLock: Fixed compatibility issues with third-party software: think-cell plugin for Microsoft PowerPoint 2007, Microsoft ForeFront TMG, XIV management GUI, ArcGIS Desktop, AutoCAD 2010, AutoCAD 2011, Adobe Flash player, Kodak Prinergy, Kaspersky Internet Security 2013, and Remote Administrator 2.2.
  
  
• DeviceLock: Many internal optimizations and improvements in DeviceLock Service.
  
  
• DeviceLock: Many interface improvements in DeviceLock Management Console.
  
  
• The user manual and program help files have been significantly updated to include information about all new features.
  
  

DeviceLock Endpoint DLP Suite components are priced on a modular basis. DeviceLock, a leading port and peripheral device access control component, can be purchased independently. As all components are included in any Suite’s installation, customers interested in the ContentLock and NetworkLock add-on components can deploy their DLP functionality incrementally by simply turning on additional capabilities as their security requirements demand and budgets allow.