How to install MyDLP?
MyDLP is not just a network server, only a part of MyDLP is.
We define MyDLP as a complete Data Loss Prevention solution. Therefore, installation of a complete solution is a bit different than a network server. But, not harder.
To implement DLP in 30 minutes, check out these documents;
For others and future documents, click here.
MyDLP Auto Distribution
Another new extensive feature from MyDLP.
In almost every DLP installations, system administrators seek for a way to load balance DLP solutions and this process generally become painful because of synchronization and redundancy issues.
MyDLP Team introduced the feature Auto Distribution which enables system administrators to create an active-active cluster within minutes.
Check out our new document about Auto Distribution for details.
New Documents on mydlp.org
After getting our new site online, we are working hard to create material about MyDLP.
We have determined more fifteen document titles and most of them are already completed.
For more, check out: www.mydlp.org/documents.
New Site
Now, our web page is more than an landing page and a blog.
Pre-built compliance with MyDLP
Currently we are working on regulatory standards and directives such as PCI DSS, HIPAA, BASEL II, GLBA, SOX and EU Data Protection Directive.
All of these regulations require safety and protection of sensitive data and we believe MyDLP will come in handy for compliance efforts. We plan to provide pre-built configuration and reports for these regulations.
Now squid3-ssl packages in MyDLP repository
Everybody who played with Squid on Ubuntu, have probably encountered with this problem; Ubuntu Squid packages had been compiled without SSL option. Therefore, it is not possible to proxy HTTPS connections with Squid on Ubuntu Server.
dpkg source of Ubuntu Squid package with apt-get source squid3, change debian/rules, add --enable-ssl to configure, recompile it and deploy it instead of original Ubuntu Squid package (as explained here), SSL support will dissappear after installing first update for Squid from official Ubuntu repository.squid3-ssl. squid3-ssl replaces squid3, conflicts with squid3 and provides squid3 (dpkg terms). In other words, both squid3 and squid3-ssl could not be installed together, you could install squid3-ssl instead of squid3 and this situation will not cause any dependency problems.squid3-ssl package, will provide Squid SSL functionality without challenging any of the problems I have mentioned above.squid3-ssl packages;/etc/apt/sources.list ;
deb http://downloads.medratech.com/ubuntu-daily lucid/
squid3-ssl ;sudo aptitude updatesudo aptitude install squid3-ssl
Variety in DLP Filters
Nowadays, MyDLP is trying to adopt new predefined rule patterns to its filter collection. We are working on 3 new patterns.
- Canada SIN
- France INSEE
- UK NINO
Squid ICAP Configuration Example
The upcoming MyDLP SaaS will be working with your preferred ICAP enabled proxy server. So we are going to post ICAP configuration examples for widely used proxies, starting with Squid. Squid is an open source caching proxy which has a very large user base. It is open source and very stable.
Squid 3.0 and 3.1 have out of the box ICAP support with slightly different configuration parameters. Unfortunately, older versions have no built-in ICAP support but it is possible to enable it using patches.
For Squid 3.1 enter following lines into squid.conf file to enable request adaptation:
icap_enable on
icap_service service_req reqmod_precache bypass=0 icap://127.0.0.1:1344/dlp
adaptation_access service_req allow all
For Squid 3.0 enter following lines into squid.conf file to enable request adaptation:
icap_enable on
icap_service service_req reqmod_precache 0 icap://127.0.0.1:1344/dlp
icap_class class_req service_req
icap_access class_req allow all
There are more parameters for configuring ICAP which are explained here.
Presenting DLP in SaaS model
As you can see from our previous blog post, we are now developing multi-user version of MyDLP in order deliver product to customer in SaaS model. When working on this task, we have encountered several conceptual challenges.
For example; Network-based DLP solutions should inspect all relevant traffic in order to prevent sensitive data leakage, but in Security-as-a-Service model, applications run on cloud computing data centers. So, situation enforces administrators to redirect all traffic to cloud servers and this was never a good idea because of duplicate bandwidth usage on both client line and server line.
Now, what we should do? What is the solution?
Solution is already presented by several authors. Answer is hybrid SaaS model. An application server runs in the internal network, proxies whole external traffic and sends critical parts to services on clouds for leak prevention analysis.
We have worked on this concept and tried to think of a way to use MyDLP in this model and let me tell you MyDLP was already ready for this model and the answer what we were looking for was ICAP.
In next blog post, I will talk about ICAP and our SaaS model implementation…
MyDLP SaaS
Data leak protection is a common concern for all companies nowadays. However not all companies have enough budget to conduct an inbound DLP system. Nowadays, MyDLP developers are working to convert MyDLP to a SaaS.
