Symantec Data Loss Prevention (DLP)
As a global leader in Data Loss Prevention (DLP), Symantec helps thousands of enterprises combat data theft. But while the DLP application provides supreme capabilities for preventing illicit transfer of data outside organizational boundaries, there is an upper limit to the amount of traffic the tool can process.
Raising the threshold for DLP performance
The maximum processing capability of Symantec DLP is 300 Mbps for Windows and 650 Mbps for Red Hat, using a general-purpose Network Interface Card (NIC). For higher-speed networks, traffic must be either split between multiple DLP monitors – which is a costly solution – or filtered and pre-processed. This is where Napatech can make a tremendous difference.
Accelerated by Napatech SmartNICs, Symantec DLP performance can be multiplied to handle as much as 4 x 900 Mbps. By taking on heavy pre-processing and filtering tasks, the SmartNIC enables users to scale their DLP solution to continually protect and secure their data, even at ultra-high network speeds.
Napatech SmartNICs are exclusively integrated with Symantec DLP, ensuring plug-and-play deployment. Simply install the Napatech Software Driver Suite and SmartNIC and turn on Napatech support in the Symantec DLP Monitor Advanced Server settings – and your DLP app is ready to process 900 Mbps of traffic. See Symantec DLP Admin Guide for further details.
Symantec DLP Architecture
Napatech SmartNICs are highly optimized to capture network traffic at full line speed, with extremely low CPU load on the host server. The SmartNIC guarantees lossless packet capture, which is critical for DLP applications like Symantec that need to analyze all network traffic. Unlike standard NICs that will inertly discard any data not associated with the sender or receiver, Napatech SmartNICs ensure that all data is captured without exception. If packets are discarded, it is purely by choice of the application, not due to a limitation in the network card.
Excellent buffering capabilities
To support burst traffic above app processing threshold, lower layer operating system components need buffers in place to level the speeds and create a successful solution. Standard NICs carry only a very small buffer and will drop packets when the buffer is full. Conversely, Napatech SmartNICs contain a sizeable onboard buffer and are backed by potentially all (configurable) system memory for very large retention.
Where general-purpose NICs do not support filtering for anything other than MAC addresses, Napatech SmartNICs offer filtering from ISO layer 1-4 with support for unwrapping MPLS, VxLAN, VLAN tags and numerous other protocols. With a powerful and reconfigurable filter engine, users can decide exactly which type of network traffic is forwarded to Symantec DLP.
This intelligent filtering ensures that the app solely needs to dedicate compute resources to specific types of traffic, e.g. only forward email or HTTP, but not YouTube or other streaming services. Such pre-filtering would be impossible on a general-purpose NIC.
Cost-efficient load balancer capabilities
Napatech SmartNICs can also forward unfiltered traffic through to a second SmartNIC while keeping the flow intact. By deploying multiple instances of DLP on standard x86 servers with Napatech SmartNICs integrated, enterprises can thus create a powerful, cost-efficient and 100% reliable alternative to proprietary load balancer solutions.