McAfee Data Loss Prevention
Strengths: Extremely powerful, feature-rich extrusion prevention system that covers virtually all the bases
Weaknesses: A bit pricey for the products and the support price tag is a shocker
Verdict: An excellent product with a lot of capability, if you can afford it. Best for larger projects
McAfee's Data Loss Prevention (DLP) host and gateway make for a feature-rich product suite that covers just about all of the extrusion prevention requirements for most organisations. The system consists of several components, including the policy manager, agents, event collector and monitor. These are managed through the ePolicy Orchestrator, which must be installed before you can use extrusion prevention. The product was provided as the DLP gateway appliance.
Setting up this suite took about five minutes and we got a set of default policies that could be adjusted if necessary. We could add more policies or disable some of the default capabilities. The policy manager lets you create policies and what McAfee calls tagging rules, along with the usual user groups and reaction rules (what to do when a policy is violated). Most of what you need is in the appliance, and that speeds things along nicely.
The DLP is not just a gateway, however. It is one of those tools that addresses virtually all extrusion vectors if the entire system is in place. Agents on user computers prevent unauthorised copying and printing through peripherals, including those messy USB drives. DLP can also tag data based on application, content or location. We found that it was, essentially, impossible to fool it once we had proper rules in place.
The extensive documentation comes in pdf files on a CD. The website is comprehensive, but direct support options are mostly restricted to subscribers. However, a large knowledge base is publicly available, featuring resources such as FAQs and product data sheets. If you purchase support it can be quite expensive - one-year McAfee Gold software support and next business-day hardware support for the DLP 3300 costs £5,950
As with most McAfee products, the system can be a bit pricey. The host product starts at £25,532 for 501 seats, while the DLP Gateway 3300 has a basic price of £27,700. However, if you have already invested in the rest of the McAfee suite, this is probably typical of your overall implementation.