Vontu Data Loss Prevention
Strengths: A product that covers all major data leakage points
Weaknesses: The terminology can be a little bit confusing
Verdict: A secure offering that really protects against data leakage, but most administrators would require training on the product
Vontu DLP is the most complex product in the review. It consists of seven parts: Enforce, which creates security policy; Network Monitor and Network Prevent, which monitor and block traffic at network egress points; Endpoint Prevent, which protects classified data; Endpoint Discover, which scans for existing classified data; Network Discover, which identifies sensitive data; and Network Protect, which relocates data to a secure store.
With all of these components, the Symantec Vontu offering protects all three of the most common data leak threats. These include network distribution via email, IM or FTP. Vontu also protects the endpoint device by restricting what sensitive data can be copied to USB or other external media and can discover unknown sensitive documents. Leaks from data stores, such as file servers, are also protected.
All seven products are integrated and report to a central reporting console, which allows an administrator to follow the blocked path of sensitive documents through the enterprise.
An added feature to the Endpoint Prevent is a justify dialog. This allows a user to explain the need for a policy violating action and the department manager of a Vontu administrator can approve the justification.
Vontu DLP was an easy but time consuming process from the server perspective. The client application can be created into an msi file and distributed through most common software distribution systems. It supports XP service pack two and also current releases of Vista, with legacy support for server versions of the operating systems.
The documentation is good and the unit shipped with paper copies of an installation guide and an administration guide.
The documents are well indexed and the writing is technically accurate, succinct and to the point.
Support options are poor, as Symantec offers no included support with the purchase of the product. All Symantec support is available in basic 8/5 or 24/7 formats over the phone or through the website, priced at a percentage of the purchase fee.
The site also includes a knowledge base and a FAQ list.