Other network communications

rakhirhif8963 · Post by **rakhirhif8963** » Sat Feb 08, 2025 9:01 am

As a result of separate control using automatic switching of online and offline modes in the DeviceLock agent with traffic monitoring at the EtherSensor server level, full control of network communications is achieved regardless of the location and method of connection to the Internet of the monitored computers. This approach will be especially productive in solving the problem of monitoring mobile employees using laptops and notebooks to work outside the office.

Even more effective will be the scenario of selective control of network communications, when, thanks to the joint use of the functionality of the endpoint agent and server interception technologies of network traffic, the extraction of the full range of capabilities of the hybrid system is achieved, which is the most powerful scenario of control of network communications of all possible today.

In such a scenario, the most critical part of greece mobile database applications considered as potential channels for leakage of confidential data (e.g., instant messengers with the ability to transfer files), as well as local ports and devices, are monitored by the DeviceLock agent. Processes of transferring restricted access data (also at the agent level, "into the gap") are subject to real-time content analysis with decisions being made on the admissibility of the transfer, or on creating a shadow copy for incidents significant for the purposes of investigation, or on sending an alarm notification upon the triggering of a DLP rule.

Monitoring of considered as having a lower risk in terms of counteracting data leakage (when monitoring and analysis of transferred data is sufficient to solve information security problems, for example, for surfing websites and job search services) is performed by the EtherSensor server by intercepting and analyzing network traffic at the perimeter level. In short, this model of network traffic control can be described as "Monitoring of all traffic (EtherSensor) + Selective blocking of invalid attempts (DeviceLock DLP agent)". What is important is that the policies for enabling or disabling blocking of any network protocols and services both at the context level and in content-dependent rules can be changed and applied by the information security service at any time without rebooting user workstations and without user intervention.