LAN Architecture

Learn how Endpoint DLP works in a Local Area Network.

ManageEngine Endpoint DLP Plus is an enterprise endpoint data loss prevention software that helps secure sensitive data in endpoints and prevent insider threats. In-built with the ability to exercise its functionalities at various levels of flexibility, Endpoint DLP Plus can fit the unique requirements of any kind of enterprise.

The following guide will help you understand the process of Endpoint DLP Plus with the help of an architecture diagram.

[Diagram: Endpoint DLP Plus architecture in a LAN]

Components Required

IT administrators or network security teams need the following components to perform Endpoint DLP in their enterprise:

  1. Endpoint DLP Plus Server
  2. Agents
  3. Web console
  4. Active Directory

Endpoint DLP Plus Server

The Endpoint DLP Plus server is located at the customer's site, for example within the enterprise network. This server deploys the Endpoint DLP Plus policies that discover and classify data and define the boundaries within which that data must remain. Once the server assigns a policy to a computer, the policy continues to apply even if the system goes offline. All endpoint data loss prevention tasks can be completed using the web-based administrative console of Endpoint DLP Plus.

Server

  Port   Purpose                                                            Type    Connection
  8020   Communication between the agent and the Endpoint DLP Plus server   HTTP    Inbound to server
  8383   Communication between the agent and the Endpoint DLP Plus server   HTTPS   Inbound to server
  8027   Agent-server communication                                         TCP     Inbound to server
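Because all three ports are inbound to the server, an administrator can verify them from a prospective agent host before rolling agents out. The following preflight check is an added example, not code from the original documentation or from ManageEngine; the server hostname is a placeholder.

```python
import socket
import sys

# Port table from the documentation above: all three are inbound to the
# Endpoint DLP Plus server, so this script is run from an agent host.
DLP_SERVER_PORTS = {
    8020: ("HTTP", "agent-server communication"),
    8383: ("HTTPS", "agent-server communication"),
    8027: ("TCP", "agent-server communication"),
}


def port_reachable(host, port, timeout=3.0):
    """Return True if a TCP connection to host:port completes within timeout.

    create_connection resolves the name and tries IPv4 and IPv6 addresses.
    A refused, filtered or timed-out connection all count as unreachable.
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False


def check_dlp_server(host, ports=None, timeout=3.0):
    """Probe every required inbound port; returns {port: reachable}."""
    ports = DLP_SERVER_PORTS if ports is None else ports
    return {port: port_reachable(host, port, timeout) for port in ports}


def unreachable_ports(results):
    """Ports the agent host could not reach, sorted; empty means all open."""
    return sorted(port for port, ok in results.items() if not ok)


if __name__ == "__main__":
    # Placeholder hostname: replace with the real Endpoint DLP Plus server.
    server = sys.argv[1] if len(sys.argv) > 1 else "dlp-server.example.internal"
    results = check_dlp_server(server)
    for port, ok in sorted(results.items()):
        proto, purpose = DLP_SERVER_PORTS[port]
        state = "open" if ok else "BLOCKED"
        print(f"{port}/{proto}: {state} ({purpose})")
    sys.exit(1 if unreachable_ports(results) else 0)
```

A blocked port usually means a host or network firewall between the agent subnet and the server; the exit status makes the script usable from a deployment pipeline.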

Agents

The Endpoint DLP Plus agent is a lightweight software application installed on the computers managed by Endpoint DLP Plus. In a LAN it is installed on the computers automatically. It carries out the tasks initiated from the Endpoint DLP Plus server. For example, to blacklist or whitelist an application for a computer group in your network, you configure the task on the Endpoint DLP Plus server; the agent replicates these settings and ensures that the task is completed.

The agent also updates the Endpoint DLP Plus server with the details of all applications running on the computers, in the form of reports and audits. The agent contacts the server at every refresh interval, which is 90 minutes.

Web console

The Web console of Endpoint DLP Plus provides a central point from which an administrator can control all the applications running on the managed systems. The console can be accessed from anywhere: over the LAN, over a WAN, or from home over the Internet or a VPN. No separate client installation is required to access the Web console.

Active Directory

In an Active Directory-based domain setup, the Endpoint DLP Plus server gathers data from the Active Directory to generate the reports for the following:

  • Sites
  • Domains
  • Organizational Units (OUs)
  • Groups
  • Computers

This gives administrators access to all the information stored in Active Directory.