Data In Motion Details聽聽
Data In Motion refers to the ability to monitor traffic on a network, including protocols such as HTTP, HTTPS, FTP, and SMTP. This type of DLP is typically divided into three modules to integrate with different areas of the network. The first module is the network monitor, which typically requires a physical server due to limitations with virtual network cards. The network monitor uses a SPAN port or network tap to monitor traffic. Network monitors have faded out since most network traffic is encrypted and only has monitor-only abilities. To monitor outbound email traffic, the DLP email MTA sits between the email router (such as Exchange) and the edge MTA (mail gateway). Many edge MTA solutions and even Microsoft and Google now include DLP features. ICAP DLP integrates with a web proxy using the ICAP protocol to monitor HTTP, HTTPS, and FTP traffic. A modern approach involves incorporating DLP into a secure service edge (SSE) solution, which monitors all user traffic, regardless of the location. SSE with DLP allows organizations to protect sensitive data as it moves across the network, whether users are accessing it from within the organization鈥檚 premises or remotely.
|