Tuesday, May 17, 2011

Network based Client Less DLP vs Endpoint Agent Based DLP

Although my blog post on how to enable SSH on Cisco devices gets the most hits, the questions readers send me are about DLP.

In the era of the Swami Nityanand scandal and WikiLeaks, DLP solutions are attracting a lot of attention. People and tech gurus are confused about the solutions. The most common and interesting question I get from readers is which DLP solution is better: network-based clientless or agent-based.

Frankly speaking, both solutions have their own merits and demerits. It actually depends on what kind of information you are trying to protect. For example, in a BPO or call center environment, credit card numbers and PAN numbers are critical, while in a pharma company or a research-based organization the content you want to protect is diagrams and formulas.

In the first category, fingerprint scanning works better, and it can be deployed on the network without stressing endpoint resources. In the second case fingerprints do not work at all; also, the endpoints have more memory and CPU, so a client-based DLP deployment makes sense.

Network-based DLP eases the computing load, and if you know the kind of data patterns, then in a virtualised environment it is a boon. If, on the other hand, you have a very intelligent user base who use sophisticated tools to do their work, no fixed pattern can be developed, and you want to restrict even print screen and content in image format, then client-based DLP is recommended.
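A minimal sketch of the kind of pattern rule a network-based DLP sensor applies to outbound content, added here as an illustration and not taken from any DLP product: it flags Luhn-valid card numbers and, assuming "PAN" means the Indian Permanent Account Number format, PAN-shaped strings. The sample payloads are constructed; the screenshot bytes show why the same data in image form passes a pattern rule unnoticed.

```python
import re

# Candidate card numbers: 13-19 digits, optionally separated by spaces or hyphens.
CARD_RE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")
# Assumption: "PAN" means the Indian Permanent Account Number (AAAAA9999A).
PAN_RE = re.compile(r"\b[A-Z]{5}[0-9]{4}[A-Z]\b")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to discard random digit runs (order ids, phone numbers)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def inspect_payload(payload: bytes) -> list[tuple[str, str]]:
    """Return (rule, masked_match) findings for one outbound payload."""
    text = payload.decode("utf-8", errors="ignore")
    findings = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):
            findings.append(("card_number", "*" * (len(digits) - 4) + digits[-4:]))
    for m in PAN_RE.finditer(text):
        findings.append(("pan_number", m.group()[:2] + "*" * 8))
    return findings


# Constructed samples: a chat message with a well-known test card number and a
# made-up PAN, a message with a non-Luhn digit run, and the first bytes of a PNG
# standing in for a screenshot of the same data.
SAMPLES = {
    "chat": b"cust card 4111 1111 1111 1111, PAN ABCDE1234F, call back at 5pm",
    "order": b"order ref 1234 5678 9012 3456 shipped",
    "screenshot": b"\x89PNG\r\n\x1a\n\x00\x00\x00\rIHDR\x00\x00\x02\x80\x00\x00\x01\xe0",
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(name, inspect_payload(data))
```

Only the chat message produces findings; the image payload carries no matchable text, which is the case where endpoint-side controls are the ones that can act.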

1 comment:

Umesh said...

In my company we deployed an agent-based DLP. Now we are facing a nightmare because some wrong configuration was sent to all clients, and we have to format all endpoints to resolve the issue.

I think an agentless solution is more desirable if it can also protect against data theft from endpoints.

Umesh Mishra