Data Leakage Prevention (DLP) systems enables your organization to have strict control of information and data in how it is used, transferred and removed. DLP systems are able to identify, monitor and protect data in use through endpoint actions. DLP systems are also able to protect your intellectual data when data is in motion or in transit referred to as network actions or data that is at rest known as data storage.
DLP systems have granular level of data visibility and through deep content inspection, contextual security analysis of transaction (attributes of originator, data object, medium, timing, recipient/destination and so on) and with a centralized management framework can provide a complete holistic approach to your data security.
DLP technology has received significant attention industry wide due to corporate confidential information being leaked out through network access, endpoints or peripherals such as flash memory. Although you may increase productivity and empower your employees to be connected to your corporate resources remotely there are significant risks associated with how data that is downloaded is not confidential, once downloaded the data lifecycle and whether it is distributed elsewhere is now beyond the control of your organization. Information asset risks also need to be controlled for organizations that permit the use of instant messaging services and controlling the type of data that is shared across users. The use of DLP systems within your organization is paramount to ensure information assets are protected from unauthorized use and transmission.
DTS can assist your organization to identify the right DLP solution to meet your business requirements; solutions that are network, storage or endpoint based all have different characteristics and is important to make the selection.
In a world of advanced and complex cyber threats, Lumeta empowers information security professionals with the industry's most comprehensive network visibility and continuous monitoring solutions. The accurate and timely information Lumeta provides on topology, perimeter defense, and access control allows our clients to proactively secure their critical assets.
Lumeta Corporation is the developer of IPsonar®, the most widely deployed network discovery solution for large enterprise and government. The company was founded in 2000 as a spin out of Bell Labs, based on the technology developed there to map the Internet. That core technology of the Bell Labs Internet Mapping Project became the foundation of our innovative network discovery solution for large enterprise and government agencies, Lumeta IPsonar.
Today’s large enterprises function in an ever-expanding IP space where it can be difficult to have a handle on every network connection, host, and active IP on the network. Because of the constant state of change, the exponentially growing number of connected devices in the enterprise can fall outside of the watchful eye of security management where serious threats can emerge.
Active network discovery solutions enable IT organizations to gain real-time situational awareness of a large, complex geographically disperse networks. This insight allows the enterprise to validate IT policies, analyze the connectivity between assets and networks, uncovering risk patterns and policy weaknesses.
Lumeta IPsonar® is the world's most widely deployed network discovery solution for large, geographically distributed organizations. Lumeta’s patented, award-winning network discovery technology discovers and maps every IP asset, host and node on the network, giving CIOs, CSOs and CISOs a clear view of risks and policy violations arising from network changes. Such changes include the addition of new devices, modifications in remote access, changes resulting from IT consolidations, and infrastructure updates.
Lumeta IPsonar® is the industry’s only network discovery product which discovers every asset on a network, including assets not currently under management and maps the connectivity between assets and networks to help with issues like Mergers & Acquisitions, IT Compliance, Cybersecurity, Critical Infrastructure Protection, Data Leak Prevention, and Large-scale Network Transformations and Roll-outs.
IPsonar provides visibility into every IP asset, host, node, and connection on the network, performing an active probe and mapping everything that's on the network, (not just an IP range that is supplied for scanning) resulting in a comprehensive view of the entire routed infrastructure.
IPsonar fills gaps in existing network, security and risk management processes, enabling IT organizations to balance compliance and change, maintain service availability, strengthen security, validate policy compliance across the enterprise, and increase cost efficiency. IPsonar functionality includes:
Network Discovery, also known and Network Visibilty and Network Mapping, is a method to identify and inspect network address space, network assets, services and connections. Network Discovery increases awareness of the state of the network: reducing risk, supporting proactive network security and continuous monitoring efforts and improving operational metrics.
As enterprises seek to automate facets of IT security policy enforcement, knowing what’s on the network and ensuring that only devices which are known, managed, and clean are allowed to connect are critical parts of any security plan. The first step in implementing an integrated network security architecture is to assess and document the entire infrastructure including all resources, devices, and connections. The information gleaned from this type of assessment is information on which the majority of security tools will rely.
Active network discovery uses an active probe to locate everything that’s on the network, (not just an IP range that is supplied for scanning) resulting in a comprehensive view of the entire routed infrastructure. This active probe can be used to ensure that information on every connected device is accurate, and that unauthorized devices or connections are promptly indentified and effectively managed.
An active network discovery baseline offers real-time situational awareness of large, complex geographically disperse networks. An active network discovery baseline provides a means to uncover all active IP space, automatically catalogue those address ranges that fall within the IP space provided initially (i.e. those ranges that are “known”) vs. all newly-discovered IP space, which may contain active, but previously “unknown” IP devices. By taking this holistic approach to the baselining process, IT security managers can make accurate decisions based on the best information available as to the nature of individual networks/devices within any network.
Because of the rapid rate of change across today's large enterprise network environments, where consumer devices, mobile, and other non-traditional network devices connect to the enterprise network with increasing frequency; an active baseline of the network is critical part of the initial implementation of security integrations.
Active network discovery remains an important component of continuous monitoring well beyond the baselining process. Active network discovery provides the mean to scan IP ranges continuously and be empowered with a solution that will dynamically “learn” more about the environment, eliminating the inherent gap between the perceived network and the actual one. The simple idea being that: you can’t secure what you can’t manage, and you can’t manage what you don’t know about.
IPsonar provides rich data on all networked devices, delivering a uniquely comprehensive data set on all devices at the network and transport levels, in addition to providing application-layer visibility. Detailed device information obtained by active network discovery gives users a real-time view into device type information, vendor, model number, OS version, MAC address and more, all of which can be easily integrated into other IT and security lifecycle tools, such as network management systems.
The sheer variety and proliferation of IP enabled assets is often overlooked. Gone are the days when an IP network consisted of only “standard” IT equipment such as switches, routers, etc. Today's networks carry an ever increasing number, and variety of IP enabled devices.
Often these devices are IP based to allow for simple diagnostic testing or routine maintenance. However, if undetected, and therefore unmanaged, they can also be afflicted with the same issues as standard IT equipment. There are almost certainly unusual devices connected to your networks, perhaps as part of an embedded PC or a control system, and it is therefore likely that they are not being patched, nor being checked for viruses or vulnerabilities.
Air Conditioning Systems, or Security Cameras may not seem like critical infrastructure, but if these systems are cooling and protecting an important data centre, they most certainly are.
IPsonar and Exonar Toolkit provide the ability to quickly discover, locate and fingerprint unknown and unusual assets on your network, even carrying out some basic vulnerability checks such as which ports are open, allowing customers to quickly secure these devices.
Almost all organisations have some form of firewall or network defence on the boundary between their network and the outside world (the internet). Alongside anti-virus, it is considered the most basic and essential form of network security. Many modern operating systems also incorporate "personal" firewalls for that added layer of security.
IPSonar still finds a good number of unknown, unmanaged or plain old unsecured connections to the outside world in any customer we first work with. Where do these mystery connections come from? They can be from a branch office that wants to 'throw up' an ADSL connection without 'troubling' central IT, they can be a badly configured VPN connection that allows a machine to be simultaneously connected to the corporate network and the internet. They can even be from an old leased line taken on as part of a corporate acquisition that no-one has remembered to turn off. This list doesn't even contemplate the many malicious ways people can find of bypassing your network border controls. The point with all of these situations is that if only 90% of the network is protected, this negates any hard won budget that has been spent on firewalls.
Outbound (or worse, inbound) leaks are certainly not a theoretical security problem. The recent Stuxnet virus worked by establishing an outbound connection to its own designated command and control servers on the Internet. Whilst a correctly positioned firewall will easily prevent this connection from being established, if an infected PC has a "Network Leak", the Firewall will never see, and therefore never prevent this outbound connection. This isn't the first worm or virus to take advantage of this method, and it certainly won't be the last.
The other reason for taking care of all those Network Leaks is to reduce the available pathways for Data Leakage. Whether malicious or accidental, the availability of uncontrolled access to the outside world, or even between supposedly airgapped internal networks, invites misuse.
IPsonar’s patented network leak detection reveals unauthorised connections between the enterprise and another network, between segregated subnets, as well as unwanted connectivity between the network and the Internet, determining whether connectivity is outbound, inbound or both. IPsonar’s network leak detection capabilities are unparalleled in the industry, with the unique ability to find unknown connections into other organisations, such as legacy partner connections or divestiture connectivity.
We discover, identify and secure the 'unknowns' within your IT infrastructure through a comprehensive use of IPSonar technology that discovers networks and devices that are known and unknown. At DTS Solution, our network and device discovery and identification methods and the ability of ensuring adequate security measures are applied to your environment to counteract high risk domains is centered around the following framework.