Data loss protection is still a new field, but Code Green Networks brings a comprehensive solution to stopping leaks of confidential data to unauthorized users. Is your IT leaving with employees that are getting downsized? Is your customer list now the property of one of your competitor's? Then you might be interested in the latest data leak prevention appliance from Code Green Networks.


More DIY videos at 5min.com

Video Transcription

Hello everyone and welcome to another episode of Web Informant.tv. I am David Strom, your host and reviewer. Today we are looking at the dashboard of Code Green Networks true DLP appliance, which is used to protect leaks and prevent unauthorized users from seeing your most confidential data. The product consists of an appliance that sits on your network, and some extra cost software endpoint agents. Let's get started by first going to register the data that you are most concerned with. You see here it comes with 12 different predefined types of structured data that reside in SQL Databases, Stock Symbols, and others. You can also upload files or other unstructured data that just consist of employee or customer names and addresses from your desktop. We click on the Add RedList Data button, and then we will walk through the wizard. On this screen you can also specify a SharePoint server using its WebDAV connection, and other data repositories from Documentum too. Once you have this setup, you create a policy to manage what happens when this data leaks out. Go to the Protect Data tab and you can see here that more than 50 default policy templates that come preinstalled. We can either edit one of these, or if we click on create a New one, we can start from scratch. You see here that you can allow the data to pass through your network and log the incident, or Block activity entirely. We can also create policies that protect encrypted data too, and I will talk about that in a moment. The important thing is being able to understand the logic inherent in your policy, and making sure that policy is looking for the right patterns of data that you want to protect. If we go back to the main Policy screen, you will notice that next to each registered data label is a red, green, or yellow Radio button that indicates whether the match is complete or something is missing. If we mouse over the item you can see more information. To make changes, we click on the Pencil icon and then the Registered Data tab. Say we want to change out bulk email policy to be 250 uses that gets an email at once. We bring up the Graphical Rule Editor, where we can make our changes to the Logic by clicking on the Email Pattern description here. Let's also show you the tab marked Agents, where we can install software on each endpoint to block access, to remove mass storage or other devices. If we click on the Enable boxes, we can turn these options on. Now, let's setup a few daily leak scenarios and show you how they are reported. Let's say I am sending a series of customer contacts using a private Gmail account, and moreover, I am sending them over in encrypted SSL session. Here you see the screen shot creating the email, and here you see the resulting incident that's recorded by our Code Green Appliance, when we go to the View Status and click on it under Dashboard. When we open up the incident and click on the ID, we can see the details of the Matched data that was detected. We can also Customize the columns displayed here by clicking on that link at the bottom of the screen and selecting appropriate columns. We can also do filtering and grouping, and close out incidence as well. If we do setup a policy that prevents us from copying part of our data to removable US key drives, we can then go to the -- try to do that on the client, and here you see the resulting incident has been locked by the appliance. What did I like about the product? There are various reports available. The tab under View Status incidence gives you a good feel for what's going on around your network. I also like the way it works with leading email encryption vendors to setup policies to ensure that sensitive data is encrypted automatically when it leaves your network. I don't like that you need to really understand where your sensitive data lives on your network, and how to trap it with the right collection of policies. You want to spend some time studying its various options, especially how the Code Green Appliance works with encrypted email and web proxies. If you don't setup your policy correctly, you could get yourself into lot of trouble or created a lot of false positives. To sum up, Code Green has an innovative way to detect and prevent data leaks, and is worth a closer look. Thank you for watching, and check out our other screencast reviews at Web Informant.tv. This is David Strom, feel free to send me comments, david@strom.com.