MyDLP Blog

easy, simple, open source data leakage prevention

Archive for October, 2010

Variety in DLP Filters

without comments

Nowadays, MyDLP is trying to adopt new predefined rule patterns to its filter collection. We are working on 3 new patterns.

  1. Canada SIN
  2. France INSEE
  3. UK NINO
We are eager to adopt these 3 new patterns until the major first release of MyDLP. If you have any other suggestions please contact us from mydlp[at]mydlp.org

Written by burak

October 28th, 2010 at 2:14 pm

Posted in Data Identification,Data Types

Squid ICAP Configuration Example

with 3 comments

The upcoming MyDLP SaaS will be working with your preferred ICAP enabled proxy server. So we are going to post ICAP configuration examples for widely used proxies, starting with Squid. Squid is an open source caching proxy which has a very large user base. It is open source and very stable.

Squid 3.0 and 3.1 have out of the box ICAP support with slightly different configuration parameters. Unfortunately, older versions have no built-in ICAP support but it is possible to enable it using patches.

For Squid 3.1 enter following lines into squid.conf file to enable request adaptation:

icap_enable on

icap_service service_req reqmod_precache bypass=0 icap://127.0.0.1:1344/dlp
adaptation_access service_req allow all

For Squid 3.0 enter following lines into squid.conf file to enable request adaptation:

icap_enable on

icap_service service_req reqmod_precache 0 icap://127.0.0.1:1344/dlp
icap_class class_req service_req
icap_access class_req allow all

There are more parameters for configuring ICAP which are explained here.

Written by ozgur

October 26th, 2010 at 8:23 am

Posted in ICAP,Squid

Presenting DLP in SaaS model

without comments

As you can see from our previous blog post, we are now developing multi-user version of MyDLP in order deliver product to customer in SaaS model. When working on this task, we have encountered several conceptual challenges.

For example; Network-based DLP solutions should inspect all relevant traffic in order to prevent sensitive data leakage, but in Security-as-a-Service model, applications run on cloud computing data centers. So, situation enforces administrators to redirect all traffic to cloud servers and this was never a good idea because of duplicate bandwidth usage on both client line and server line.

Now, what we should do? What is the solution?

Solution is already presented by several authors. Answer is hybrid SaaS model. An application server runs in the internal network, proxies whole external traffic and sends critical parts to services on clouds for leak prevention analysis.

We have worked on this concept and tried to think of a way to use MyDLP in this model and let me tell you MyDLP was already ready for this model and the answer what we were looking for was ICAP.

In next blog post, I will talk about ICAP and our SaaS model implementation…

Written by kerem

October 21st, 2010 at 1:51 pm

Posted in SaaS

MyDLP SaaS

without comments

Data leak protection is a common concern for all companies nowadays. However not all companies have enough budget to conduct an inbound DLP system. Nowadays, MyDLP developers are working to convert MyDLP to a SaaS.

According to many researches, tunneling all outgoing network traffic to a SaaS is not a desirable solution. Because of this, MyDLP is going to integrate with your present web proxies such as Squid, WebSense and Nginx with ICAP. By this way, with too little latency and traffic overhead companies will be able to solve their security and compliance issues.
Moreover, the only thing you have to do with e-mail filtering with MyDLP is just define MyDLP as next hop to your current e-mail server. Also with Exchange 2010 integration support your enterprise e-mails will be much more secure.
MyDLP will shortly release their SaaS product in open source. MyDLP is waiting for your support.

Written by burak

October 20th, 2010 at 8:16 am

Posted in Uncategorized