02/20/2013
DeviceLock® Endpoint DLP Suite 7.2 now shipping!
DeviceLock, Inc., a worldwide leader in endpoint data leak prevention (DLP) software solutions, announced today that version 7.2 of the popular Endpoint DLP Suite software has been released for general availability. This new version includes highly anticipated alerting capabilities as well as pioneering DLP control features over several additional network protocols, applications and social networks commonly accessed by endpoints. DeviceLock 7.2 administrators or auditors can now be conditionally alerted via SMTP email or SNMP traps when particular endpoint events occur with peripheral ports, devices, and network protocols. This gives DeviceLock customers the flexibility of either integrating seamlessly with their existing log management and SIEM infrastructure or simply using the new DeviceLock built-in alerting capabilities.
DeviceLock 7.2 protects organizations against data leakage through such popular and difficult to secure services as Skype™, Facebook, and web-based file sharing services without disrupting their acceptable use for approved business communications and processes. In addition, DeviceLock’s Endpoint DLP Suite software provides unprecedented data leak prevention for customers who use the MAPI protocol by enforcing granular contextual controls and content filtering of native Microsoft Exchange email communications and attachments directly at the endpoint. MAPI implementation makes DeviceLock DLP a strategic security component for those migrating to hosted Exchange solutions where the messaging gateway is generically controlled by a third party and may not stop sensitive email content as desired or as necessary for compliance.
To further support BYOD initiatives, DeviceLock Endpoint DLP now offers Virtual DLP to mitigate the threat of data loss in desktop and application virtualization scenarios from major vendors, such as Microsoft, Citrix and VMware. This support allows platform and device-independent data leak prevention for BYOD devices connecting to virtual Windows environments, which can be managed side by side with the physical endpoints.
What's New in DeviceLock® 7.2 (versus 7.1):
- NetworkLock: Added new protocol: "SMB" for handling local network files on
shares. "SMB" control supports contextual blocking, allowing, auditing,
alerting, shadowing, content analysis (for contingent shadowing) for
incoming and outgoing files.
- NetworkLock: Added new protocol: "MAPI" for handling Microsoft Exchange
email transactions using the Microsoft Outlook client. "MAPI" supports
blocking, allowing, auditing, alerting, shadowing and content analysis
separately for outgoing messages and file attachments as well as auditing,
alerting, shadowing and content analysis (for contingent shadowing) for
incoming messages and file attachments.
- NetworkLock: Added new protocol: "File Sharing" for web-based file exchange
and synchronization services. "File Sharing" supports blocking, allowing,
auditing, alerting, shadowing and content analysis of Dropbox, Amazon S3,
Google Drive/Docs, MS SkyDrive, RapidShare, Yandex.Disk, Narod.ru and
iFolder.ru (rusfolder) file-exchange services when using a web-based
connection rather than the native application.
- NetworkLock: Added new protocol: "Skype". "Skype" control supports blocking,
allowing, auditing, shadowing and content analysis of outgoing instant
messages and files as well as auditing, alerting, shadowing and content
analysis (for contingent shadowing) for incoming instant messages and files.
Also, supports blocking, allowing, alerting and auditing of incoming and
outgoing audio/video calls.
- NetworkLock: Added new feature: "Basic IP Firewall". "Basic IP Firewall" can
block TCP and UDP connections via protocols that are NOT otherwise supported
by NetworkLock’s list of managed Protocols. "Basic IP Firewall" can be used
as a "catch-all-others" control to prevent both inbound and outbound traffic
over connections like Radmin, SSH, SFTP, TFTP, NFS, LDAP, and others with
the ability to allow or deny specified hosts/ports/IP addresses/ranges and
conditionally alert on the activity.
- NetworkLock: Added support for the IPv6 data interception and control at the
protocols level.
- NetworkLock: Added support for Disqus comment system in the Social Networks
control.
- NetworkLock: Added support for social networks Tumblr and LiveInternet.
- NetworkLock: Added support for Facebook API and Vkontakte API.
- NetworkLock: Added support for blocking, allowing, auditing, alerting,
shadowing and content analyzing of outgoing files as well as auditing,
alerting, shadowing and content analysis (for contingent shadowing) for
incoming files sent via the supported Instant Messengers.
- NetworkLock: Added "Block proxy traffic" parameter in Security Settings that
allows for the blocking of network communications through proxy servers
HTTP/HTTPS, SOCKS4, and SOCKS5 protocols.
- NetworkLock: Added new parameter "Content Inspection" to Protocols White
List. It allows administrators to optionally enforce Content-Aware Rules
checking for connections otherwise allowed by specific Protocols White List
rules.
- NetworkLock: Added new option "If this rule triggers" to Protocol White List
for "ANY" and "SSL" rules. Ii allows administrators to enable/disable
auditing and alert notifications for connections permitted by Protocols
White List rules.
- NetworkLock: Added support for SSL 2.0.
- NetworkLock: Increased data exchange speed for HTTPS and FTPS connections.
- NetworkLock: Improved support for Facebook, XING, Google+, Vkontakte,
Odnoklassniki, StudiVZ.de, MeinVZ.de, and SchuelerVZ.net social networks.
- NetworkLock: Improved support for the Gmail, Hotmail (Outlook.com), Web.de,
Mail.ru, Rambler Mail, and Yandex Mail webmail services.
- NetworkLock: Improved support for the AOL Instant Messenger (AIM) protocol.
- NetworkLock: Improved content-aware rules support for Mail.ru Agent.
- NetworkLock: Improved support for IRC auditing and shadowing in Thunderbird
client.
- NetworkLock: SSL permissions for Jabber and Mail.ru Agent have been
deprecated and merged. All communications (both Generic and SSL) are now
controlled by Generic permission settings.
- NetworkLock: Fixed error that caused BSOD in "srvnet.sys" on Windows 7.
- ContentLock: Added support for Oracle IRM. ContentLock can check whether the
file sealed or not; can detect the context, seal and last modification time.
Also, the Oracle IRM control can unpack sealed files and perform analysis of
the file’s content.
- ContentLock: Content-aware rules for Permissions can now be enabled for the
Printers device type in addition to the Printer Shadowing content rules
previously available. This control is Printer-independent and there is no
requirement to save the file to the file system prior to printing for the
content analysis filtering to occur.
- ContentLock: Added ability to perform content analysis for text and
unidentified content copied via Clipboard for regular and virtual/terminal
server Windows environments. Shadowing Content Aware Rules are supported for
text and unidentified content copied via Clipboard for regular and
virtual/terminal server Windows environments.
- ContentLock: Added new Regular Expression pattern templates: American Name,
Austria SSN, China National ID, Danish Personal ID, Dollar Amount, Dominican
Republic ID Number, Finnish ID, France INSEE Code, French NINO, German eTIN,
German Phone Number, Health Insurance Claim, US/UK Home Address, Irish PPSN,
Irish VAT, Norwegian Birth Number, National Provider Identifier, Polish ID
Number, RAMQ, ROK Registration Number, Spanish DNI, Spanish NIF, Spanish
SSN, Sweden Phone Number, Sweden Post Code, Sweden Personal ID, Scotland
Community Health Index, Taiwan ID Number, UK NHS Number, and Canadian
Postal Code.
- ContentLock: Added search morphology (linguistics) for keywords. It supports
Catalan, English, French, German, Italian, Polish, Portuguese, Russian, and
Spanish languages.
- ContentLock: New option for Regular Expression pattern content templates:
"Count identical matches as one match".
- ContentLock: Added "Extended Document Properties" control. It allows
ContentLock to logically block, allow, and shadow documents and identify
content based on the following fields of compound documents: Title,
Subject, Tags, Categories, Comments, Authors, Last saved by, Company and
Manager.
- ContentLock: Added search support for Russian transliterated words in
content-aware rules when the "Word Forms" flag is enabled.
- ContentLock: Improved processing performance for PDF files that contain many
embedded images.
- ContentLock: Significant improvements in the MS Office documents (doc, docx,
ppt, pptx, xls, xlsx, rtf) processing speed and attachments extraction.
- ContentLock: Fixed issue with "Archives content inspection on read" and
"Archives content inspection on write" options when inspecting MS Office
documents for attachments and embedded images.
- ContentLock: Improvements in memory management when processing Content-Aware
Rules with the "Word forms" option enabled for keywords.
- DeviceLock: Added real-time event-based alerts. Alerts can be sent via SMTP
emails and/or SNMP protocols. There are two types of alerts: administrative
(e.g. service settings change, DeviceLock agent termination, changes made in
the list of DeviceLock Administrators, user’s unsuccessful attempts to
change the policy and so on) and device/protocol specific alerts –
administrator can configure such alerts the same way as audit rules.
DeviceLock provides a queue for alerts so the endpoints can send them later
if either of the designated alert communication channels (SMTP and/or SNMP)
are unavailable at the time the alerts are generated.
- DeviceLock: Added new device type: TS Devices. It supports Removable drives, Serial ports and USB devices forwarded in terminal session. It also includes ñlipboard operations in terminal and/or virtual environments. Supported environments are: MS RDP/RDS (including MS RemoteFX), Citrix XenApp, Citrix XenDesktop, Citrix XenServer, VMware View, MS VirtualPC, and Oracle VM VirtualBox.
- DeviceLock: Added new component: DeviceLock WebConsole. It brings the
ability to manage DeviceLock Service, DeviceLock Enterprise Server,
DeviceLock Content Security Search Server and edit DeviceLock Service
settings files from any internet browser.
- DeviceLock: Added "Safe File Overwrite" feature which prevents user’s
original file deletion following write-denied file activities with the same
file name. While the changes are not kept due to the content violation, the
original file remains in the folder. An audit log event is recorded when
the original file is restored by the "Safe File Overwrite" feature after an
attempted file-save that included ContentLock-blocked content occurs.
- DeviceLock: Now it is possible to enable/disable audit or send alerts for
certain content-aware rules (devices & protocols).
- DeviceLock: Added new Service Options parameter: "Audit folder operations"
which allows administrator to enable/disable audit for user’s folder
operations on storage devices.
- DeviceLock: Added new Service Options parameter: "Audit log threshold for
file operations" which allows administrator to roll-up similar audit events
during specified period of time.
- DeviceLock: Added new flag that simplifies configuration for
enabling/disabling auditing and shadowing of removable, floppy and optical
drives allowed via USB White List.
- DeviceLock: Added new flag that simplifies configuration for
enabling/disabling auditing and shadowing of optical media allowed via Media
White List.
- DeviceLock: Added new "Read-only" flag in USB White List and Temporary White
List for removable, floppy and optical drives to simplify this configuration
option.
- DeviceLock: Added new column to the audit log viewer: "Reason". "Reason"
displays the subsystem that allowed or denied access based on DeviceLock
policy.
- DeviceLock: Added "Format" permission to audit & shadowing options for
storage devices.
- DeviceLock: Added shadowing support for the Clipboard device type control.
- DeviceLock: Improved support of shadowing for printers. Now, PDF files are
created for the shadow copies of printed data.
- DeviceLock: Shadowing content-aware rules now apply only to that type of
data which is specified in the rule. For example, if administrator
creates a rule for Windows Mobile "contacts" data type, this rule will
not affect files shadowed for other data types for Windows Mobile device.
- DeviceLock: Optionally, the DeviceLock Service can now send just the
filenames of shadowed data files to the DeviceLock Enterprise Server’s
repository and continue to store the original file data locally on the
source endpoints if desired.
- DeviceLock: Improved and optimized data compression for audit and shadow
data sent to DeviceLock Enterprise Server.
- DeviceLock: Major improvements in audit for devices. Several events that
were considered redundant are not logged anymore.
- DeviceLock: Major enhancements in protection against local administrator
tampering. Now DeviceLock can monitor and restore its files and settings in
case they were modified or removed by the user. Also, DeviceLock can protect
system’s hosts file from tampering.
- DeviceLock: Added "Use strong integrity check" parameter to DeviceLock
Administrators tamper protection feature. When enabled it allows DeviceLock
Service to check the digital signature of all its executable components.
- DeviceLock: DeviceLock Search Server now able to perform full-text search
inside files within archives that have been shadow-copied.
- DeviceLock: The search page of DeviceLock Search Server now shows the
history of search queries for quick reference and re-use.
- DeviceLock: Now it is possible to add computers from Active Directory or
from any LDAP tree to the static list in DeviceLock Enterprise Server
central monitoring tasks.
- DeviceLock: Added the "Switch PostScript printer to non-PostScript mode"
parameter in Security Settings to enable shadowing and content-aware rules
for PostScript printers.
- DeviceLock: Added "Undefine ContentLock policy" and "Undefine NetworkLock
policy" parameters in the management consoles user interface. These
parameters allow administrators to quickly and completely remove the
ContentLock and NetworkLock settings from the DeviceLock policy.
- DeviceLock: DeviceLock Management Console now remembers credentials used to
connect to DeviceLock Service, DeviceLock Enterprise Server, and DeviceLock
Content Security Search Server and allows administrator to use them when
connecting to the same computer.
- DeviceLock: DeviceLock Management Console can now display the total
license limit amount and the number of DeviceLock endpoint licenses actually
used for audit and shadow data collection and monitoring by the DeviceLock
Enterprise Server.
- DeviceLock: DeviceLock Management Console can now display the total
license limit amount and the actual number of DeviceLock Search Server
licenses actually used for DeviceLock Enterprise Server shadow log and audit
logs indexing.
- DeviceLock: Devices in the USB White List are not treated as keyloggers
anymore.
- DeviceLock: Improvements in Temporary White List to restrict temporary
device access to only the user who originally requested access with
DeviceLock Control Panel applet code.
- DeviceLock: Added NDIS driver support to better handle network interface
cards (USB, WiFi, etc.) access control and auditing.
- DeviceLock: Added new audit log reports: "DeviceLock Service versions",
"DeviceLock Service versions by computers" and "Top used printers".
- DeviceLock: The DeviceLock Management Console’s Enterprise Server
Reports for "Top active computers", "Top active users", "Top copied files,
"Top used USB devices" and "Copied files per channel" have been extended
to show failed shadow copies.
- DeviceLock: The DeviceLock Management Console’s Enterprise Server
"Top inserted USB & FireWire devices" report has been extended to show
separate ratings for allowed and denied operations.
- DeviceLock: Improved certificate authorization logic in DeviceLock
Enterprise Server (DLES). Now, when authorization based on DeviceLock
Certificates is used, DeviceLock Enterprise Server uses less CPU time.
- DeviceLock: Fixed latency scenario where the DeviceLock Service operated
with its default settings for a short period of time while waiting for
group policy settings to arrive from the domain controller.
- DeviceLock: Improved Temporary White List functionality in the VMware View
versions 4.6 and 5.1 environment.
- DeviceLock: Compatibility provided to run applications virtualized with
VMware ThinApp.
- DeviceLock: Improved CPU load performance when Internet Explorer is launched
on Windows XP in the Hyper-V environment.
- DeviceLock: Added USB White List support for virtual USB devices that are
forwarded using Thinstuff XP/VS Terminal Server and USB Redirector software.
- DeviceLock: Fixed compatibility issues with third-party hardware:
Commerzbank Signature stick, Huawei E173 3G modem, and Vimicro USB web
camera.
- DeviceLock: Fixed compatibility issues with third-party software:
think-cell plugin for Microsoft PowerPoint 2007, Microsoft ForeFront TMG,
XIV management GUI, ArcGIS Desktop, AutoCAD 2010, AutoCAD 2011, Adobe Flash
player, Kodak Prinergy, Kaspersky Internet Security 2013, and Remote
Administrator 2.2.
- DeviceLock: Many internal optimizations and improvements in DeviceLock
Service.
- DeviceLock: Many interface improvements in DeviceLock Management Console.
- The user manual and program help files have been significantly updated to
include information about all new features.
DeviceLock Endpoint DLP Suite components are priced on a modular basis. DeviceLock, a leading port and peripheral device access control component, can be purchased independently. As all components are included in any Suite’s installation, customers interested in the ContentLock and NetworkLock add-on components can deploy their DLP functionality incrementally by simply turning on additional capabilities as their security requirements demand and budgets allow.