The need for Data Leakage Prevention in your Enterprise.....

Data Leakage Prevention (DLP) systems enables your organization to have strict control of information and data in how it is used, transferred and removed. DLP systems are able to identify, monitor and protect data in use through endpoint actions. DLP systems are also able to protect your intellectual data when data is in motion or in transit referred to as network actions or data that is at rest known as data storage.

DLP systems have granular level of data visibility and through deep content inspection, contextual security analysis of transaction (attributes of originator, data object, medium, timing, recipient/destination and so on) and with a centralized management framework can provide a complete holistic approach to your data security.

DLP technology has received significant attention industry wide due to corporate confidential information being leaked out through network access, endpoints or peripherals such as flash memory. Although you may increase productivity and empower your employees to be connected to your corporate resources remotely there are significant risks associated with how data that is downloaded is not confidential, once downloaded the data lifecycle and whether it is distributed elsewhere is now beyond the control of your organization. Information asset risks also need to be controlled for organizations that permit the use of instant messaging services and controlling the type of data that is shared across users. The use of DLP systems within your organization is paramount to ensure information assets are protected from unauthorized use and transmission.

DTS can assist your organization to identify the right DLP solution to meet your business requirements; solutions that are network, storage or endpoint based all have different characteristics and is important to make the selection.


Lumeta - The leaders in network leakage detection.....

Lumeta is the global network visibility company, offering network discovery, mapping and leak detection solutions that provide intelligence on topology, perimeter defense, and access control for proactive network security of critical assets.

In a world of advanced and complex cyber threats, Lumeta empowers information security professionals with the industry's most comprehensive network visibility and continuous monitoring solutions. The accurate and timely information Lumeta provides on topology, perimeter defense, and access control allows our clients to proactively secure their critical assets.

Lumeta Corporation is the developer of IPsonar®, the most widely deployed network discovery solution for large enterprise and government. The company was founded in 2000 as a spin out of Bell Labs, based on the technology developed there to map the Internet. That core technology of the Bell Labs Internet Mapping Project became the foundation of our innovative network discovery solution for large enterprise and government agencies, Lumeta IPsonar.

Today’s large enterprises function in an ever-expanding IP space where it can be difficult to have a handle on every network connection, host, and active IP on the network. Because of the constant state of change, the exponentially growing number of connected devices in the enterprise can fall outside of the watchful eye of security management where serious threats can emerge.

Active network discovery solutions enable IT organizations to gain real-time situational awareness of a large, complex geographically disperse networks. This insight allows the enterprise to validate IT policies, analyze the connectivity between assets and networks, uncovering risk patterns and policy weaknesses.

Data Leakage Prevention Solutions Dubai Abu Dhabi Saudi Qatar GCC

Lumeta IPsonar Data Leakage Dubai AbuDhabi UAE Saudi Qatar GCC

IPsonar

Lumeta IPsonar® is the world's most widely deployed network discovery solution for large, geographically distributed organizations. Lumeta’s patented, award-winning network discovery technology discovers and maps every IP asset, host and node on the network, giving CIOs, CSOs and CISOs a clear view of risks and policy violations arising from network changes. Such changes include the addition of new devices, modifications in remote access, changes resulting from IT consolidations, and infrastructure updates.

IPsonar Overview

Lumeta IPsonar® is the industry’s only network discovery product which discovers every asset on a network, including assets not currently under management and maps the connectivity between assets and networks to help with issues like Mergers & Acquisitions, IT Compliance, Cybersecurity, Critical Infrastructure Protection, Data Leak Prevention, and Large-scale Network Transformations and Roll-outs.

IPsonar provides visibility into every IP asset, host, node, and connection on the network, performing an active probe and mapping everything that's on the network, (not just an IP range that is supplied for scanning) resulting in a comprehensive view of the entire routed infrastructure.

IPsonar fills gaps in existing network, security and risk management processes, enabling IT organizations to balance compliance and change, maintain service availability, strengthen security, validate policy compliance across the enterprise, and increase cost efficiency. IPsonar functionality includes:

  • Network Discovery – Identifies all network address spaces, routing devices and connectivity flows across the network (including “stealth” assets, i.e. hidden devices that do not respond to queries) utilizing advanced multi-protocol discovery technology, and creates a comprehensive route-based topology that identifies a network’s true perimeter. Host Toplogy Visualization / Layer 2: New, optional product module supports layer 2 topology mapping, stealthy device identification, guest network and extranet security, VLAN compliance and Virtual Machine identification.
  • Host Discovery – Detects all known and previously unknown network devices by conducting a census of IP addresses across protocols. Flags devices unrecognized by official network inventories for remediation.
  • Leak Discovery – Reveals unauthorized connections between a network and another network, sub-net, or the Internet, and determines whether access is outbound, inbound or both. Leak discovery highlights unknown connections into other organizations (e.g., legacy divestiture connectivity) or to the Internet.
  • Device Discovery – Identifies web services, wireless access points and IP applications active on hosts and devices – including those not owned by the client or its employees – pinpointing resources for which tested ports are active. Additionally, Layer 2 discovery matches a device’s unique MAC address with its assigned IP address, providing crucial information for asset management and diagnostics.
IPsonar’s credential-less and agent-less approach minimizes disruption to operations and scales to handle the largest networks. IPsonar is lightweight and safe for use on large networks even during production hours, operating essentially at the level of network “noise” and using only properly formed packets to elicit benign responses. Intuitive reports and color-coded maps generated by IPsonar present micro- and macro-level views of findings. The Lumeta Network Index summarizes scan information from IPsonar in a powerful executive scorecard.
Lumeta IPsonar® is the only product on the market that:
  • Provides visibility into every IP asset, host, node, and connection on the network;
  • Reports on network “leaks” – unknown, unrestricted pathways into and/or out of an organizations network – that represent policy violations and security threats;
  • Provides a comprehensive view of the entire routed infrastructure;
  • Measures risk from a network perspective;
  • Finds wireless access points that are connected to the wired network, and tests for inbound or outbound “leaks”;
  • Provides information extensible to security risk management and network management solutions; and
  • Is lightweight, fast and safe for the world’s largest high-assurance IP networks.

IPsonar Architecture and Delivery Options

IPsonar is delivered as a network appliance, in both 1U Rack Mountable and Laptop formfactors. Lumeta's IPsonar requires no installation or disruption to operations, and is extremely fast to deploy and scan a network - no matter how far-flung or numerous the resources are. IPsonar is made to handle large data sets as easily as it does small data sets. Thus, IPsonar is a true enterprise application, able to work efficiently in both large and small deployments. IPsonar's three-tiered architecture is proven at the world's most complex networks and has been used to scan the entire Internet:
  • Sensors. Accurate, complete network scanning is achieved through the use of network entry points called Sensors. These entry points are portable, providing flexibility to address even the most fast-changing networks.
  • Scan Servers. These resources are positioned at appropriate points in the network to assure that business applications and even the lowest-speed network links are unaffected by IPsonar network traffic. Multiple scans can be run simultaneously.
  • Report Servers. Functioning as the data repository, Report Servers separate report generation from scanning to further reduce IPsonar’s operational footprint. A single remote Report Server can support multiple Scan Servers.


What is Network Discovery?

Network Discovery, also known and Network Visibilty and Network Mapping, is a method to identify and inspect network address space, network assets, services and connections. Network Discovery increases awareness of the state of the network: reducing risk, supporting proactive network security and continuous monitoring efforts and improving operational metrics.

As enterprises seek to automate facets of IT security policy enforcement, knowing what’s on the network and ensuring that only devices which are known, managed, and clean are allowed to connect are critical parts of any security plan. The first step in implementing an integrated network security architecture is to assess and document the entire infrastructure including all resources, devices, and connections. The information gleaned from this type of assessment is information on which the majority of security tools will rely.

Why Active Network Discovery?

Active network discovery uses an active probe to locate everything that’s on the network, (not just an IP range that is supplied for scanning) resulting in a comprehensive view of the entire routed infrastructure. This active probe can be used to ensure that information on every connected device is accurate, and that unauthorized devices or connections are promptly indentified and effectively managed.

An active network discovery baseline offers real-time situational awareness of large, complex geographically disperse networks. An active network discovery baseline provides a means to uncover all active IP space, automatically catalogue those address ranges that fall within the IP space provided initially (i.e. those ranges that are “known”) vs. all newly-discovered IP space, which may contain active, but previously “unknown” IP devices. By taking this holistic approach to the baselining process, IT security managers can make accurate decisions based on the best information available as to the nature of individual networks/devices within any network.

Because of the rapid rate of change across today's large enterprise network environments, where consumer devices, mobile, and other non-traditional network devices connect to the enterprise network with increasing frequency; an active baseline of the network is critical part of the initial implementation of security integrations.

Active network discovery remains an important component of continuous monitoring well beyond the baselining process. Active network discovery provides the mean to scan IP ranges continuously and be empowered with a solution that will dynamically “learn” more about the environment, eliminating the inherent gap between the perceived network and the actual one. The simple idea being that: you can’t secure what you can’t manage, and you can’t manage what you don’t know about.


Identifying your Assets through Device Discovery ...

IPsonar provides rich data on all networked devices, delivering a uniquely comprehensive data set on all devices at the network and transport levels, in addition to providing application-layer visibility. Detailed device information obtained by active network discovery gives users a real-time view into device type information, vendor, model number, OS version, MAC address and more, all of which can be easily integrated into other IT and security lifecycle tools, such as network management systems.

The sheer variety and proliferation of IP enabled assets is often overlooked. Gone are the days when an IP network consisted of only “standard” IT equipment such as switches, routers, etc. Today's networks carry an ever increasing number, and variety of IP enabled devices.

Often these devices are IP based to allow for simple diagnostic testing or routine maintenance. However, if undetected, and therefore unmanaged, they can also be afflicted with the same issues as standard IT equipment. There are almost certainly unusual devices connected to your networks, perhaps as part of an embedded PC or a control system, and it is therefore likely that they are not being patched, nor being checked for viruses or vulnerabilities.

Air Conditioning Systems, or Security Cameras may not seem like critical infrastructure, but if these systems are cooling and protecting an important data centre, they most certainly are.

IPsonar and Exonar Toolkit provide the ability to quickly discover, locate and fingerprint unknown and unusual assets on your network, even carrying out some basic vulnerability checks such as which ports are open, allowing customers to quickly secure these devices.


Identifying Network Leaks using IPSonar.......

Almost all organisations have some form of firewall or network defence on the boundary between their network and the outside world (the internet). Alongside anti-virus, it is considered the most basic and essential form of network security. Many modern operating systems also incorporate "personal" firewalls for that added layer of security.

IPSonar still finds a good number of unknown, unmanaged or plain old unsecured connections to the outside world in any customer we first work with. Where do these mystery connections come from? They can be from a branch office that wants to 'throw up' an ADSL connection without 'troubling' central IT, they can be a badly configured VPN connection that allows a machine to be simultaneously connected to the corporate network and the internet. They can even be from an old leased line taken on as part of a corporate acquisition that no-one has remembered to turn off. This list doesn't even contemplate the many malicious ways people can find of bypassing your network border controls. The point with all of these situations is that if only 90% of the network is protected, this negates any hard won budget that has been spent on firewalls.

Outbound (or worse, inbound) leaks are certainly not a theoretical security problem. The recent Stuxnet virus worked by establishing an outbound connection to its own designated command and control servers on the Internet. Whilst a correctly positioned firewall will easily prevent this connection from being established, if an infected PC has a "Network Leak", the Firewall will never see, and therefore never prevent this outbound connection. This isn't the first worm or virus to take advantage of this method, and it certainly won't be the last.

The other reason for taking care of all those Network Leaks is to reduce the available pathways for Data Leakage. Whether malicious or accidental, the availability of uncontrolled access to the outside world, or even between supposedly airgapped internal networks, invites misuse.

IPsonar’s patented network leak detection reveals unauthorised connections between the enterprise and another network, between segregated subnets, as well as unwanted connectivity between the network and the Internet, determining whether connectivity is outbound, inbound or both. IPsonar’s network leak detection capabilities are unparalleled in the industry, with the unique ability to find unknown connections into other organisations, such as legacy partner connections or divestiture connectivity.


Data Leakage Prevention Services Dubai Abu Dhabi UAE Saudi Qatar