McAfee DLP Discover

McAfee DLP Discover

Identify your sensitive data with ease

Overview

McAfee DLP Discover allows you to verify whether sensitive data may be at risk and identify its distributed location. From source code to trade secrets to strategic business plans, IP and other information assets are critical to your brand, public reputation, and competitive edge. Protecting data during transmission is critical, but securing sensitive data before it is inappropriately accessed or moved is a priority.

Determine what information to protect — You can configure McAfee DLP Discover to scan specific repositories and identify data for explicit protection.

Define policies for protection — DLP Discover provides intuitive and unified policy creation, reporting, and management to give you more control over your information protection strategy for data at rest.

Scan your network for violations — You can instruct McAfee DLP Discover to routinely scan network resources for policy violations. Flexible scheduling options are available to perform continuous, daily, weekly, or monthly scans.

Review and remediate violations — DLP Discover eliminates or minimizes proliferation of sensitive material through integrated incident workflow and case management. If DLP Discover finds content that violates protection policies, it generates incidents and sends notifications.

Capture and analyze stored data — DLP Discover indexes all content found at rest in the network and allows you to query and mine this information to quickly understand your sensitive data, how it is used, who owns it, where it is stored, and to where it has proliferated.

Features & Benefits

Simplify data protection

Cut the time and effort required to secure enterprise information. McAfee DLP Discover automatically scans all accessible resources to pinpoint sensitive data, uncover potential risks, and identify the content owner.

Control sensitive information

Filter and control sensitive information with multivector classification. Inventory and index all content, and then query and analyze that data to better understand and manage it.

Identify the most exotic data

Classify data that does not fall into standard file categories. DLP Discover uses a technology called “Concepts” to describe where you can find data within a file. Once defined, it is easy to use Concepts anywhere within the system to find, categorize, and search for specific data items.

Review and remediate violations

Learn the origin of content violations, register and generate signatures, and send alert notifications to protect documents and the information within them more effectively. Integrated case management supports notification to content owners and system administrators using configurable messages.

Make policy generation easy

Perform queries and transfer the results to a protection rule. Customize the pre-built compliance, corporate governance, and intellectual property policies, or create your own. Then, register sensitive information for fingerprinting to ensure safe handling and reduce false positives.

Get powerful reporting

Customize summary and detail views of inventory logs and search results. You can create reports on demand or schedule for regular delivery. To get you started, the system comes with over 20 preconfigured, customizable reports.

Perform automatic network scanning

Scan laptops, desktops, servers, file transfer locations, document repositories, portals, and databases with ease. DLP Discover’s advanced network crawling technology uncovers data you never knew existed. Determine what and where to search, and build the schedule to regularly retrieve network data that is appropriate for your workflow.

Guarantee broad content compatibility

Ensure support for over 300 content types, including Microsoft Office documents, multimedia files, source code, design files, archives, encrypted files, built-in policies, and intellectual property.

Get broad database support

Access support for the following databases: Oracle 8i and later; MySQL Enterprise 5.0 and 5.1; Microsoft SQL Server 7.0, up to 2008; and IBM DB2 5 thru 9.1.

Create advanced data analytics

Perform a granular investigation and historical inspection of information to detect risk of data exposure. Quickly identify sensitive information through an intuitive search interface, and determine who is sending data and where it is located.

Gain common repository support

Get support for the following repositories: Common Internet File System (CIFS), Server Message Block (SMB), Network File System (NFS), HTTP/HTTPS, FTP, Microsoft SharePoint, and EMC Documentum.

Register data instantly

Register data from any supported repository or database. You can use signatures from registered data to detect sensitive material in policies enforced across the network.

Develop powerful rule definitions

Create robust rules to define what data is scanned, including keywords, regular expressions, database tables, rows and columns, and unique McAfee Concepts. Document registration to rules, including network path scanning, on a configurable schedule, and easily discriminate between non-sensitive and sensitive information. You can also restrict rule and policy enforcement to specific scan operations.

System Requirements

McAfee DLP Monitor, McAfee DLP Discover, and McAfee DLP Prevent are now supported on the McAfee DLP 5500 appliance. The DLP 5500 appliance is an Intel-based platform with dual six core CPUs, 32 GB of RAM and over 10 TB of storage in a 2U form factor. DLP hardware appliance solutions are self-contained devices. There are no minimum software or hardware system requirements or additional database installations required.

McAfee DLP 5500 Appliance

  • System
    • CPU: 2x Intel E5-2620, 6 core, 15 M Cache, 2.0 GHz, 7.20 GT/s Intel QPI
    • Memory:32 GB P1333 DDR3
    • Hard Drives: 8 x 2 TB 7,200 rpm 3.5" SATA drives
    • Network Interfaces: Intel Dual Copper 1 Gb Ethernet I/O Module
    • IPMI: Intel Remote Management Modules 4 (AXXRMM4)
  • Power
    • 2 x 760W hot-swap Power Supply Modules
  • Dimensions
    • 17.57"W x 30.79"D x 3.43"H
    • Form factor: 2RU
  • Weight
    • 67 lbs.
  • Temperature
    • Operating temperature: 10°–35° C/50°–95° F
    • Humidity range: 8%–90%, non-condensing
  • Compliance
    • NRTL Certification (US/Canada)CB Certification (International)
    • CE Declaration of Conformity (CENELEC Europe)
    • FCC/ICES-003 Class A Attestation (USA/Canada)
    • USA-UL
    • VCCI Certification (Japan)
    • C-Tick Declaration of Conformity (Australia)
    • MED Declaration of Conformity (New Zealand)
    • BSMI Certification (Taiwan)
    • GOST R Certification / Certification (Russia)
    • CC Certification (Korea)
    • IRAM Certification (Argentina)
    • Ecology Declaration (International)
    • China RoHS Environmental Friendly Use Period
    • Packaging & Product Recycling Marks
    • SABS (South Africa)
    • NOM/NYCE (Mexico)
    • CCC Certification (China)
    • CC EAL 2+
    • FIPS-compliant encryption algorithms
    • Security Technical Implementations Guide (STIG)

Virtual Appliance Minimum Hardware Requirements

  • System
    • CPU: Intel Quad Core
    • Memory: 16 GB RAM
    • Hard Drive(s):
      • Drive 1: 100 GB for VM software
      • Drive 2: 512 GB for DLP virtual image
    • Network Ports: 4 Virtual NICs
    • BIOS: Enable VT thread

Legacy System Requirements

The Network DLP 4400, Network DLP 1650, and Network DLP 3650 appliances have been discontinued. In accordance with McAfee’s End of Life policy, they are being supported until October 2016.

McAfee DLP 4400 Appliance

  • System
    • CPU: 2x Intel X5660, 12M Cache, 2.8 GHz (6 cores)
    • Memory: 24 GB P1333 DDR3
    • Hard Drives: 12 x 1 TB 7,200 rpm 3.5" SATA drives (8 TB usable storage)
    • Network Interfaces: Intel Dual Copper 1 Gb Ethernet I/O Module
    • RAID Controller: Intel RS2MB044
  • Power
    • 2 x 760W hot-swap Power Supply Modules
  • Dimensions
    • 17.57"W x 30.79"D x 3.43"H
    • Form factor: 2RU
  • Weight
    • 67 lbs.
  • Temperature
    • Operating temperature: 10°–35° C/50°–95° F
    • Humidity range: 8%–90%, non-condensing
  • Compliance
    • NRTL Certification (US/Canada)CB Certification (International)
    • CE Declaration of Conformity (CENELEC Europe)
    • FCC/ICES-003 Class A Attestation (USA/Canada)
    • USA-UL
    • VCCI Certification (Japan)
    • C-Tick Declaration of Conformity (Australia)
    • MED Declaration of Conformity (New Zealand)
    • BSMI Certification (Taiwan)
    • GOST R Certification / Certification (Russia)
    • CC Certification (Korea)
    • IRAM Certification (Argentina)
    • Ecology Declaration (International)
    • China RoHS Environmental Friendly Use Period
    • Packaging & Product Recycling Marks
    • SABS (South Africa)
    • NOM/NYCE (Mexico)
    • CCC Certification (China)
    • CC EAL 2+
    • FIPS-compliant encryption algorithms
    • Security Technical Implementations Guide (STIG)

Virtual Appliance Minimum Hardware Requirements

  • System
    • CPU: Intel Quad Core
    • Memory: 8 GB RAM
    • Hard Drive(s):
      • Drive 1: 128 GB for VM software
      • Drive 2: 640 GB for DLP virtual image
    • Network Ports:
      • 2 ports for DLP Monitor application
      • 1 port for DLP Prevent, DLP Manager, or DLP Discover applications
    • BIOS: Enable VT thread

McAfee Network DLP 1650 Appliance

  • System
    • Memory: 16 GB
    • Fans: 5 cooling fans
    • Datastore capacity: 500 GB
    • Drive bays: 4
    • Disk capacity: 500 GB
    • Disk technology: SATA2
    • Optional expansion cards: External storage interconnection card
    • Network interfaces: Two 10/100/1000 copper network interface
    • RAID level: RAID-1
  • Power
    • Redundant hot-swappable 650-W AC-DC power supply, 100- to 240-V AC, 50–60 hertz
  • Dimensions
    • 17 1/4"W x 27 3/4"D x 1 3/4"H
    • Form factor: 1RU
  • Weight
    • 39 lbs.
  • Temperature
    • Operating temperature: 10°–35° C/50°–95° F
    • Humidity range: 8%–90%, non-condensing
  • Compliance
    • USA-UL
    • Canada-CUL
    • Germany-TÜV
    • EN 60950
    • IEC 60950
    • CB report
    • CCC certification

McAfee Network DLP 3650 Appliance

  • System
    • Memory: 16 GB
    • Fans: 5 cooling fans/redundant rear exhaust fans
    • Datastore capacity: 6 TB
    • Drive bays: 16
    • Disk capacity: 500 GB
    • Disk technology: SATA2
    • Optional expansion cards: External storage interconnection card
    • Network interfaces: Two 10/100/1000 copper network interface
    • RAID levels: RAID-1 and RAID-5
  • Power
    • Redundant hot-swappable 800-W AC-DC power supply, 100- to 240-V AC, 50–60 hertz
  • Dimensions
    • 17 1/4"W x 25 1/2"D x 5 1/4"H
    • Form factor: 3RU
  • Weight
    • 72 lbs.
  • Temperature
    • Operating temperature: 10°–35° C/50°–95° F
    • Humidity Range: 8%–90%, non-condensing
  • Compliance
    • USA-UL
    • Canada-CUL
    • Germany-TÜV
    • EN 60950
    • IEC 60950
    • CB report
    • CCC certification

Resources

Data Sheets

McAfee DLP Discover

For a technical summary on the McAfee product listed above, please view the product data sheet.

Reports

Best Practices for Data Loss Prevention: A Process, Not a Technology

Most effective DLP solutions are implemented as a business process, rather than a “set and forget” technology. This latest Gartner report identifies some key challenges CISOs face and provides guidance on a business process approach to a successful DLP implementation.

Implementing and Managing a Data Loss Prevention Solution

Implementing and managing DLP isn’t nearly as difficult as many security professionals expect. Over the 10 plus years Securosis has covered the technology — talking with hundreds of DLP users — countless tips, tricks, and techniques have been collected for streamlined and effective deployments and have been compiled into straightforward processes in this report to ease most common pain points.

Solution Briefs

Keep Your Data Safe for Office 365

McAfee DLP offers expansive, yet flexible, polices and templates that can help address risky employee behavior by protecting sensitive data from day-today user actions.

User Classification Reduces Data Loss

Together, Boldon James Classifier and McAfee Network Data Loss Prevention reduce the risk of data loss by applying the insight of each knowledge worker to data loss prevention decisions. Classifier captures the user’s knowledge of the business value of data in the form of visual and metadata markings applied to messages and documents.

McAfee Data Loss Prevention for Healthcare

Learn how McAfee data protection solutions simplify data security and compliance, deliver flexible control, and help build the trust of your partners.

McAfee Data Protection for Energy

Whether your business is energy exploration, generation, or distribution, learn how to upgrade your data controls to advanced, flexible solutions from McAfee.

McAfee Data Protection for Retail

Whether you start with full disk encryption or choose Data Loss Prevention (DLP), learn how McAfee can help make sure sensitive data stays where it belongs.

McAfee Data Protection for the Biotech and Pharmaceutical Industry

Learn how both global pharmaceutical titans and boutique biotech teams turn to McAfee for protection of highly valued, highly regulated data.

Community

Blogs