DATA LEAK PROTECTION
First Claim
1. A data leak protection method comprising:
- receiving, by a network security device protecting an enterprise network, information regarding a watermark filtering rule, including a sensitivity level and an action to be applied to files observed by the network security device satisfying the watermark filtering rule;
receiving, by the network device, network traffic originating within the enterprise network, directed to a destination device residing outside of the enterprise network and containing a file attempted to be passed through the network security device;
extracting, by the network security device, a watermark embedded within the received file;
comparing, by the network security device, a sensitivity level associated with the watermark to the sensitivity level of the watermark filtering rule; and
when the comparing results in a match, then performing, by the network security device, the action specified by the watermark filtering rule.
0 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for Data Leak Prevention (DLP) in an enterprise network are provided. According to one embodiment, a data leak protection method is provided. Information regarding a watermark filtering rule is received by a network security device. The information includes a sensitivity level and an action to be applied to files observed by the network security device that match the watermark filtering rule. A file attempted to be passed through the network security device is received by the network security device. A watermark embedded within the received file is detected by the network security device. A sensitivity level associated with the watermark is compared by the network security device to the sensitivity level of the watermark. When the comparison results in a match, then the action specified by the watermark filtering rule is performed by the network security device.
-
Citations
20 Claims
-
1. A data leak protection method comprising:
-
receiving, by a network security device protecting an enterprise network, information regarding a watermark filtering rule, including a sensitivity level and an action to be applied to files observed by the network security device satisfying the watermark filtering rule; receiving, by the network device, network traffic originating within the enterprise network, directed to a destination device residing outside of the enterprise network and containing a file attempted to be passed through the network security device; extracting, by the network security device, a watermark embedded within the received file; comparing, by the network security device, a sensitivity level associated with the watermark to the sensitivity level of the watermark filtering rule; and when the comparing results in a match, then performing, by the network security device, the action specified by the watermark filtering rule. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A non-transitory program storage device readable by a network security device protecting an enterprise network, embodying a program of instructions executable by one or more computer processors of the network security device to perform a method of data leak protection, the method comprising:
-
receiving information regarding a watermark filtering rule, including a sensitivity level and an action to be applied to files observed by the network security device satisfying the watermark filtering rule; receiving network traffic originating within the enterprise network, directed to a destination device residing outside of the enterprise network and containing a file attempted to be passed through the network security device; extracting a watermark embedded within the received file; comparing a sensitivity level associated with the watermark to the sensitivity level of the watermark filtering rule; and when the comparing results in a match, then performing the action specified by the watermark filtering rule. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification