Technology Foundation –  AccuMatch^TM Detection Engines with Intelligent Smart Search

One of the key differentiators to the GTB Data Protection System are its proprietary, patent pending Data AccuMatch^TM detection and Intelligent Smart Search algorithms, which allow GTB’s Data Protection solutions to detect and match pre-defined data with proven unprecedented, unrivaled accuracy and speed.

 

Unmatched Intelligence

AccuMatch^TM Detection Engines are so advanced with the unique proven ability to accurately detect partial file matches on greater than 10 terabytes of unstructured  file-less fingerprinted data without network degradation or latency issues!

GTB’s proprietary, patented technology is so innovative and intelligent, that unlike others, the detection engine doesn’t “choke” when moving into the Multi-Terabyte range.

 

Binary & Text Data Inspection

Both text and binary data (files and file-less) are protected.  All Channels, All Protocols have binary and text data inspected and acted upon.  Multiple span ports with greater than 1 Gig/sec bandwidth.  Both structured data (social security numbers, credit card numbers, bank accounts etc.) and unstructured data (reports, memos, designs, source code, agreements, patent applications, MRI files, etc.) are protected.  Within documents, both visible and invisible data are protected. OCR inspection for both Data in Motion and Data at Rest covers scanned images, screen shots, and the like.

 

Core Detection & Analysis Algorithms

Methods for describing sensitive content are abundant.  They can be divided into two categories: precise methods and imprecise methods.

Precise methods are, by definition, those that involve Content Registration and trigger almost zero false positive incidents.

All other methods are imprecise.  They include:  keywords, lexicons, regular expressions, extended regular expressions, meta data tags, Bayesian analysis, statistical analysis such as Machine Learning, behavior analytics, hierarchical threat modeling etc.

Combined with the proprietary algorithms, GTB’s AccuMatch^TM detection algorithms have virtually zero false positives and a very high resilience to data modifications including:

Excerpting, inserting, file type conversion, formatting, ASCII ->UNICODE conversion, UNIX–Windows conversion, partial data match, and so on.

 

Real-Time Detection for BOTH Outbound or Inbound Transmissions

Real-time detection is an important aspect of all DLP components, i.e., Network, e-Discovery and content-aware Endpoint protection.   The GTB detection technology has the rare capability of real time inspection and detection of secure content.  The unique advantage of Real-Time inspection is the ability to prevent data loss over the network on any protocol.

This is in stark contrast to competing solutions which can prevent data loss/Leak (i.e.block a violating transmission) only on non-Real-time protocols: SMTP via MTA, HTTP/S or FTP via a proxy and/or ICAP server.

 

Proxy not needed on Inbound or Outbound Traffic Inspection

GTB Inspector also has its own SSL Internet Content Adaptation Protocol (ICAP)  so there is no need for another web proxy. Already have a web proxy – no worries, GTB’s Network Enterprise DLP has ICAP functions which are compatible with Blue Coat, Cisco, Forcepoint , Intel Security and like proxy products.

GTB’s Endpoint Protection offers complete data-in-use content inspection DLP capabilities

 

Mail Transfer Agent (MTA)

GTB’s DLP that Works Inspector has an on-board Mail Transfer Agent (MTA) that permits the Inspector to   become a smart host for MS Exchange, Lotus Notes, and the like.

 

File Cracking

Unlike others, the GTB Detection Engines use numerous proprietary techniques for file cracking.  The process does not require knowledge of the file type, does not require the location of the beginning of the file nor its end in the data stream.