Zecurion Zgate is software for monitoring network traffic to prevent leakage (theft, loss, accidental forwarding) of confidential information. Zgate belongs to the family of IPC/DLP systems and allows you to control SMTP, HTTP, HTTPS, FTP and other Internet traffic. Zgate uses various detection technologies to search for and block the transmission of sensitive data: signatures, linguistic analysis, regular expressions, the Bayesian method, "digital fingerprints" and proprietary ones.
| Zecurion Zgate | |
|---|---|
| Type | IPC, DLP |
| Developer | SecurIT |
| Operating system | Windows |
| Latest version | 4.0 (December 4, 2012) |
| License | Proprietary software |
| Site | zecurion.ru/products/zga… |
Zgate lets you control:
- Correspondence in corporate email.
- Emails sent through webmail services.
- Messages from Internet messengers.
- Communication on social networks, forums and blogs.
- Files transferred via FTP.
Protocols
- HTTP
- HTTPS
- FTP
- FTP-over-HTTP
- SMTP
- ESMTP
- OSCAR (ICQ)
- XMPP (Jabber)
- Mail.ru Agent
- Yahoo! Messenger
- Windows Live Messenger (MSN Messenger)
- AOL Instant Messenger
Zgate Key Features
- Filtering incoming, outgoing and internal traffic.
- Compatible with any SMTP mail system (MTA): Microsoft Exchange Server, IBM Lotus Domino, Kerio MailServer, Communigate Pro, Sendmail, Postfix, etc.
- Work both in the active data filtering mode and in the mode of analyzing mirrored traffic for archiving and monitoring network activity.
- Flexible policies for checking, blocking and archiving data with the ability to configure up to 30 parameters.
- Policies are applied based on transmission time, traffic direction and user location.
- Content analysis of transmitted messages and files using any combination of automatic categorization methods.
- Support for more than 100 file formats for analyzing their structure and contents, as well as analyzing archives of a given nesting level.
- Convenient tools for managing dictionaries that describe various categories of documents.
- Ability to manually check for suspicious messages and files.
- Analysis of files attached to messages and special policies for encrypted attachments (RAR, ZIP, DOC, DOCX, XLS, XLSX, PDF, ODB, ODF, ODG).
- Modification of messages and the ability to notify users of filtering results.
- Integration with third-party applications for additional processing by antivirus and anti-spam systems.
- The ability to maintain a complete archive of transferred data, including file attachments, in Microsoft SQL Server or Oracle Database.
- Scalability and modular architecture to meet the most demanding performance requirements.
- Installation and management through a single console for all SecurIT products.
- Extensive support for separating administrator roles.
- Support for exporting statistical information to various report designers, for example, Crystal Reports or FastReport.
Detection Technologies Used
Signatures
The simplest control method is to search a stream of data for a fixed sequence of characters. Such a forbidden sequence is sometimes called a “stop expression”, but in the general case it need not be a word: it can be an arbitrary set of characters, for example, a particular document label.
Regular Expressions
Search by regular expressions (“masks” based on REGEXP) is also a long-known way of detecting the required content, but it has only relatively recently been adopted in DLP systems. Unlike signatures, regular expressions match the form of the data rather than an exact value, so they are used where the exact value cannot be specified in advance. This detection method is effective for searching for:
- TIN
- PPC
- account numbers
- credit card numbers
- phone numbers
- passport numbers
- customer numbers.
Searching for “masks” allows you to meet the requirements of the increasingly popular PCI DSS standard developed by international payment systems Visa and MasterCard for financial institutions.
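The following is an added example, not code from the page or from the Zgate product, showing how a “mask” for card numbers is typically paired with a Luhn checksum so that random digit strings (order numbers, ticket ids) do not trigger a PCI DSS policy. The pattern, the sample message and the masking helper are all constructed for this illustration.

```python
import re

# Candidate PAN mask: 13-19 digits, optionally separated by spaces or dashes,
# not embedded in a longer digit run. Constructed for this example.
PAN_CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum (ISO/IEC 7812), which Visa and MasterCard PANs satisfy."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def find_card_numbers(text: str) -> list[str]:
    """Return normalised PANs that match the mask AND pass the Luhn check.

    The regex alone would also flag the order and ticket numbers in the
    sample; the checksum removes those false positives.
    """
    hits = []
    for m in PAN_CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group(0))
        if 13 <= len(digits) <= 19 and luhn_ok(digits):
            hits.append(digits)
    return hits


def mask_pan(pan: str) -> str:
    """Keep only first six and last four digits for the incident log."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


# Constructed sample message: two test PANs plus two look-alike numbers.
SAMPLE = (
    "Order 1234567890123 confirmed. Card 4111 1111 1111 1111 billed, "
    "backup card 5500-0000-0000-0004, ticket 9999999999999999."
)

if __name__ == "__main__":
    for pan in find_card_numbers(SAMPLE):
        print("policy hit, PAN", mask_pan(pan))
```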
Digital Fingerprints
The principle behind “digital fingerprints” is quite simple, which is much of their appeal: a standard document template is passed to the IPC system, a “digital fingerprint” is computed from it and stored in the fingerprint database. The content filtering rules then specify the required percentage match against a template from the database. For example, if a rule requires a 75% match with the “digital fingerprint” of a supply contract, content filtering will detect almost all contracts in which several paragraphs have been changed (that is, no more than 25% of the total text volume).
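The following is an added illustration of the percentage-match idea above; it is not the product's own fingerprint format, which the page does not describe. It assumes a fingerprint built from hashed three-word windows (“shingles”), and the supply contract text, the edited copy and the threshold of 75% are constructed for the example.

```python
import hashlib
import re


def fingerprint(text: str, k: int = 3) -> set:
    """Hash every k-word window of the normalised text; the set of hashes
    is the document's "digital fingerprint" (assumed representation)."""
    words = re.findall(r"\w+", text.lower())
    return {
        hashlib.sha1(" ".join(words[i:i + k]).encode()).hexdigest()
        for i in range(len(words) - k + 1)
    }


def match_percent(template_fp: set, candidate_fp: set) -> float:
    """Share of the template's shingles still present in the candidate."""
    if not template_fp:
        return 0.0
    return 100.0 * len(template_fp & candidate_fp) / len(template_fp)


def check_message(template_fp: set, text: str, threshold: float = 75.0):
    """Apply a filtering rule: block when the match reaches the threshold."""
    pct = match_percent(template_fp, fingerprint(text))
    return ("block" if pct >= threshold else "pass"), pct


# Constructed template: a short supply contract.
TEMPLATE = """Supply contract between the Supplier and the Buyer for industrial goods.
The Supplier delivers the goods listed in Annex One within thirty days.
The Buyer pays the invoice within ten banking days after delivery.
Quality of the goods must comply with the technical standards of the Buyer.
Disputes are resolved in the arbitration court at the Supplier location.
This contract is valid for one calendar year from the date of signing."""

# Same contract with the delivery term and validity period edited.
EDITED = TEMPLATE.replace("thirty days", "ninety days").replace(
    "one calendar year", "two calendar years")

# An unrelated message that should pass.
UNRELATED = "Team lunch is on Friday at noon, please reply if you are coming."

TEMPLATE_FP = fingerprint(TEMPLATE)

if __name__ == "__main__":
    for name, doc in (("edited contract", EDITED), ("unrelated", UNRELATED)):
        print(name, check_message(TEMPLATE_FP, doc))
```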
Linguistic methods (morphology, stemming)
The most common analysis method in IPC systems today is linguistic text analysis. It is so popular that it is often colloquially called “content filtering”, that is, it has become the name of the whole class of content analysis methods. Linguistics as a science consists of many disciplines, from morphology to semantics, and the linguistic analysis methods differ accordingly. Linguistic methods also have their own statistics-based fingerprints: for example, a document is taken, its fifty most frequent words are found, and then the 10 most frequent words in each paragraph are selected. Such a “dictionary” is an almost unique characteristic of the text and makes it possible to find meaningful quotations from it in “clones”.
Bayes Method
A method borrowed from artificial intelligence and used in most anti-spam systems; it works by estimating the probability that a document should be classified as confidential. A distinctive feature of the Bayesian method is its ability to self-learn, which significantly widens its range of application. Accuracy, by various estimates, is up to 97%.
Manual Scan (Quarantine)
Any information that falls under a manual verification rule (for example, because the word “key” appears in it) lands in the console of an information security specialist, who reviews such items one by one and decides whether to pass, block or delay the data.
Further reading
- Article in BYTE/Russia: Zgate 1.2 mail monitoring and archiving system [1].
- Article in “CIO: Information Service Manager”: Practice of choosing IPC for protection against internal threats [2].
- Article on the portal Anti-Malware.ru: “Overview of SecurIT Zgate (Part I)” [3].
- Article on the portal Anti-Malware.ru: “Overview of SecurIT Zgate (Part II)” [4].
- Article on the portal Anti-Malware.ru: “Overview of the new features of SecurIT Zgate 3.0” [5].
- Article on the portal Anti-Malware.ru: “Zecurion Zgate 4.0: an overview of new features” [6].
See also
- Zlock: leakage protection at network end points (USB, COM, LPT, Bluetooth, CD, DVD, local and network printers).
- Information Protection and Control
- Data Loss Prevention
- Morphology
- Email Filtering
- Personal Information
- Bayesian spam filtering
- Information Security