McAfee Network Data Loss Prevention (DLP) Prevent
Enforce policies to protect your sensitive information

Features & Benefits:

Trust comprehensive data protection
Protect more than 300 standard content types, including Microsoft Office documents, multimedia files, source code, design files, archives, encrypted files, built-in policies, and intellectual property, as well as sensitive information in exotic data formats through the use of customer filters.

Save time with coordinated response
Report all incidents to our centralized incident management console for access by any authorized user for follow-up, delegation, or inclusion in new or existing cases.

Classify, analyze, and address data loss
Filter and control sensitive information, and index and enforce fine-grained security policies for all content.

Integrate with web proxies and MTAs
Facilitate a seamless integration with a broad range of commercial email and web gateway products (standards-based integration via simple mail transfer protocol (SMTP) and Internet content adaptation protocol (ICAP)).

Ensure consistent policy enforcement
Establish common, enterprise-wide policies to ensure that data protection is uniformly enforced out to the network boundary.

Leverage built-in policies
Use built-in policies and rules for common regulatory requirements, including PCI, GLBA, HIPAA, SOX, personally identifiable information, patient health information, SSN, CCN, stripe data, financial information, and more. Network DLP Prevent also provides built-in policies for intellectual property assets (e.g., source code, internal memos, product documents, and pricing information).

Integrate case management and streamline remediation
Get integrated case management with configurable notification messages for senders, recipients, content owners, and system administrators. You can enable traffic enforcement through ICAP integration with ICAP-compliant web proxies for mitigating content violations over IM, FTP, HTTP, HTTPS, and webmail. You can enable mail enforcement through SMTP integration with mail transfer agent (MTA) devices.

Get detailed views and advanced reporting
Customize summary and detail views of incident logs and search results with DLP Prevent’s powerful analytics engine. You can create reports with optional trending data on demand or schedule for regular delivery. The system comes with over 20 preconfigured, customizable reports to get you started.

Enforce Security Policies for Data in Motion

Across each department of every company, individuals share data using multiple applications and a variety of protocols. Guard against inadvertent or intentional data loss by proactively protecting sensitive information from leaving the network and enforce correct business processes.

McAfee® Data Loss Prevention (DLP) Prevent helps you enforce policies for information leaving the network through email, webmail, IM, wikis, blogs, portals, HTTP/HTTPS, and FTP transfers by integrating with message transfer agent (MTA) gateways using simple mail transfer protocol (SMTP) or ICAP-compliant web proxies. Upon encountering a policy violation, McAfee DLP Prevent allows you to take a variety of actions, including applying encryption, blocking, redirecting, quarantining, and more—so you can ensure compliance with regulations governing the privacy of sensitive information and reduce the risk of security threats.

Integrate with Web Proxies and MTAs for Greater Protection

McAfee DLP Prevent integrates with web proxies (using ICAP) and with MTAs (using X headers) for the required action. Because it terminates unauthorized transactions at the application layer rather than simply dropping the TCP session, which does nothing to modify application behavior, McAfee DLP Prevent alerts the initiating application that the transmission was denied due to a policy breach. This ensures greater data protection for your organization because McAfee DLP Prevent learns what must be protected and stops the application from attempting the same behavior again.

Protect Known and Unknown Sensitive Information

With the ability to classify more than 300 different content types, McAfee DLP Prevent helps you ensure that the security of the information you know remains confidential—Social Security numbers, credit card numbers, and financial data—and learn what information or documents require protection, such as highly complex intellectual property. McAfee DLP Prevent includes a wide range of built-in policies, ranging from compliance to acceptable use to intellectual property, enabling you to match entire and partial documents to a comprehensive set of rules, so you can protect all your sensitive information, both known and unknown.

Customize Views and Incident Reports

Using the McAfee ePolicy Orchestrator (McAfee ePO) management console, you can customize summary views of security incidents and subsequent actions based on any two contextual pivot points. List and detail views, as well as summary views with trending, are available at your fingertips. McAfee DLP Prevent also includes a large number of pre-built reports, each of which can be viewed, saved for later use, or scheduled for periodic delivery.

Complex Data Classification

McAfee DLP Prevent empowers your organization to protect all kinds of sensitive data—from common, fixed-format data to complex, highly variable intellectual property. By combining these object-classification mechanisms, McAfee DLP Prevent leverages a highly accurate, detailed classification engine that blocks sensitive information and identifies hidden or unknown risks. Object classification mechanisms include:

• Multilayer classification—Covers both contextual information and content in a hierarchical format.
• Document registration—Includes biometric signatures of information as it changes.
• Grammar analysis—Detects grammar or syntax of anything from text documents to spreadsheets to source code.
• Statistical analysis—Tracks how many times a signature, grammar, or biometric match occurred in a particular document or file.
• File classification—Identifies content types regardless of the extension applied to the file or compression.

Specifications:

DLP Prevent Specifications
System throughput	Up to 150 Mbps of full content analysis, indexing, and storage throughput.
Network integration	Integrates into the network as an off-path appliance that is active within the data path using MTAs and ICAP-compliant web proxies.
Content types	Supports file classification of more than 300 content types: Microsoft Office documents Multimedia files P2P Source code Design files Archives Encrypted files
Protocols supported	Supports HTTP, HTTPS, FTP, and IM protocols via the ICAP protocol to an ICAP-compliant proxy. Please refer to your proxy vendor for protocols supported by your proxy. Supports SMTP via integration with MTAs.
Built-in policies	Provides a wide range of built-in policies and rules for common requirements, including regulatory compliance, intellectual property, and acceptable use. Enables complete customization of rules to meet business-specific needs by leveraging the McAfee capture database.

Specifications: McAfee DLP 5500 Appliance
Component	Description
Processor	2 x Intel E5-2620 6 core, 15 M Cache, 2.0 GHz, 7.20 GT/s Intel QPI
Memory	32 GB DDR3-1333 MHz
Power supply	2 x 760 W hot-swap power supply modules
Hard drives	8 x 2 TB SATA 7.2K RPM drives
NIC card	Intel Dual Copper 1 Gbps Ethernet I/O Module
IPMI	Intel Remote Management Modules 4 (AXXRMM4)
Product size	2 rack units (2U)

Specifications: Virtual Machine
McAfee DLP Prevent is available as a virtual appliance that can run on VMware environment. Below are the minimum hardware requirements for running the virtual appliance.
Component	Requirement
Processor	Intel x86 4x vCPU
Memory	16 GB RAM
Hard disk drive(s)	Drive 1: Minimum size, 100 GB for VM software Drive 2: Minimum size, 512 GB for DLP virtual image
Network ports	4 Virtual NICs
BIOS	Enable VT thread

System Requirements:

McAfee DLP Manager, McAfee DLP Monitor, McAfee DLP Discover, and McAfee DLP Prevent are now supported on the McAfee DLP 5500 appliance. The DLP 5500 appliance is an Intel-based platform with dual six core CPUs, 32 GB of RAM and over 10 TB of storage in a 2U form factor. DLP hardware appliance solutions are self-contained devices. There are no minimum software or hardware system requirements or additional database installations required.

McAfee DLP 5500 Appliance

• System
  • CPU: 2x Intel E5-2620, 6 core, 15 M Cache, 2.0 GHz, 7.20 GT/s Intel QPI
  • Memory:32 GB P1333 DDR3
  • Hard Drives: 8 x 2 TB 7,200 rpm 3.5" SATA drives
  • Network Interfaces: Intel Dual Copper 1 Gb Ethernet I/O Module
  • IPMI: Intel Remote Management Modules 4 (AXXRMM4)
• Power
  • 2 x 760W hot-swap Power Supply Modules
• Dimensions
  • 17.57"W x 30.79"D x 3.43"H
  • Form factor: 2RU
• Weight
  • 67 lbs.
• Temperature
  • Operating temperature: 10°–35° C/50°–95° F
  • Humidity range: 8%–90%, non-condensing
• Compliance
  • NRTL Certification (US/Canada)CB Certification (International)
  • CE Declaration of Conformity (CENELEC Europe)
  • FCC/ICES-003 Class A Attestation (USA/Canada)
  • USA-UL
  • VCCI Certification (Japan)
  • C-Tick Declaration of Conformity (Australia)
  • MED Declaration of Conformity (New Zealand)
  • BSMI Certification (Taiwan)
  • GOST R Certification / Certification (Russia)
  • CC Certification (Korea)
  • IRAM Certification (Argentina)
  • Ecology Declaration (International)
  • China RoHS Environmental Friendly Use Period
  • Packaging & Product Recycling Marks
  • SABS (South Africa)
  • NOM/NYCE (Mexico)
  • CCC Certification (China)
  • CC EAL 2+
  • FIPS-compliant encryption algorithms
  • Security Technical Implementations Guide (STIG)

Virtual Appliance Minimum Hardware Requirements

• System
  • CPU: Intel Quad Core
  • Memory: 16 GB RAM
  • Hard Drive(s):
    • Drive 1: 100 GB for VM software
    • Drive 2: 512 GB for DLP virtual image
  • Network Ports: 4 Virtual NICs
  • BIOS: Enable VT thread

Documentation:

Download the McAfee Network DLP Prevent Datasheet (PDF).