Extrusion prevention is the practice of stopping data leakage by filtering outbound network traffic. The practice protects sensitive digital assets from unauthorized transfer by stopping the movement of packets across the network. Extrusion detection, by contrast, simply alerts an administrator to a potential issue.
Network administrators and anyone responsible for maintaining a secure database faces unprecedented challenges in controlling the flow of proprietary data across gigabit networks. A catastrophic data breach involving proprietary information can have a substantial negative impact on an organization's market share, brand, financial health and compliance status. Pervasive use of P2P file sharing, FTP file transfer, webmail and USB drives offer multiple vectors for information to escape an organization's traditional gateway controls. Extrusion prevention software offers the administrator a set of tools to manage risk.
Extrusion prevention software uses a combination of network monitoring systems and real-time packet filtering. In general, database extrusion prevention (DBEP) software provides a central interface to regulate traffic regardless of its origin. There are three broad categories of DBEP:
- packet sniffer s that filter incoming calls to Web servers
s or proxies on network SQL injection, or prevent unauthorized access based on user permission settings or activity that does not match with usage profiles. Pattern recognition techniques, like network behavior anomaly detection (NBAD) and network behavior analysis (NBA) both allow administrators to identify and stop abnormally large data transfers.This was last updated in March 2008Posted by: Margaret Rouse
Email AlertsRegister now to receive SearchSecurity.com-related news, tips and more, delivered to your inbox.By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Do you have something to add to this definition? Let us know.Send your comments to firstname.lastname@example.org