Data Loss Prevention Software Blade

Check Point Data Loss Prevention (DLP) combines technology and processes to revolutionize DLP, helping businesses to pre-emptively protect sensitive information from unintentional loss, educating users on proper data handling policies and empowering them to remediate incidents in real-time.


Easy DLP deployment and simplified management

  • Centralized management of security policy via a single console
  • Pre-configured policies allow for immediate data loss prevention
  • Broadest support for file formats and data types

Pre-emptive data loss prevention for critical business information

  • UserCheck technology allows for real-time user remediation
  • MultiSpect combines users, content and process for unrivaled accuracy
  • Educates and alerts users without involving IT/security personnel
  • Inspect and control sensitive emails both leaving the organization and between departments

Integrated into the Check Point Infinity Architecture

  • Activate DLP on any Check Point Security Gateway
  • Centralized management of security policy via a single console
  • Saves time and reduces costs by leveraging existing security infrastructure

The Check Point DLP solution is much more than a PCI compliance tool for the university; it’s an important weapon in our security arsenal that secures data beyond our compliance requirements.

Sherry Horeanopoulos

Information Security Officer

Fitchburg State University



Check Point UserCheck

Check Point UserCheck empowers users to remediate incidents in real time. This innovative technology alerts users of suspected breaches for instant remediation and allows quick authorization of legitimate communications.

UserCheck improves security and raises awareness of data use policies by empowering users to self-administer incident handling-with options to send, discard or review the issue. Notifications occur in real-time via a pop-up from a thin agent or via a dedicated email sent to the end-user (no need to install agent).

Organizations benefit in several ways:

  • Full prevention – enables a practical move from detection to data loss prevention
  • Self-educating system – educates and alerts users without involving IT/security personnel


Inspect SSL/TLS Encrypted Traffic

Scan and secure SSL/TLS encrypted traffic passing through the gateway. When traffic is passed through, the gateway decrypts the traffic with the sender’s public key, inspects and protects, then re-encrypts, sending the newly encrypted content to the receiver.

For example, Gmail traffic is encrypted over HTTPS.  If a user attaches a file to a message in Gmail, both the email and file will be inspected by DLP and be subject to the same policy as any clear (unencrypted) traffic.

Granularly define exceptions for SSL/TLS inspection to protect user privacy and comply with corporate policy.  Some encrypted content passing through the gateway should not be inspected, and therefore can be bypassed with a simple administrator policy definition.

Network-wide Protection Coverage

Check Point DLP is an in-line, advanced data loss prevention solution for data transmitted over networks. It offers wide coverage of traffic transport types, including deep application awareness that protects data in motion, such as SMTP, HTTP and FTP data. DLP policies are created to define what to prevent and how to prevent it, by policy, by network segment, by gateway and by user-group.

Fingerprint Sensitive Files

DLP scans file repositories of sensitive files and match when a file from this repository (or part of it) leaves the organization. With files matching, sensitive files are prevented from leaving the organization.


Central Policy Management

DLP is centrally managed with Check Point Security Management via a user-friendly interface. Centralized management offers unmatched leverage and control of security policies and enables organizations to use a single repository for user and group definitions, network objects, access rights and security policies across their entire security infrastructure. Unified access policies are enforced automatically throughout the distributed environment, empowering them to securely provision access from anywhere.

Unified policy deployment across multiple gateways controls enforcement actions per policy; i.e. detect (log only), or quarantine (self-incident handling). Policy management includes the following features and options:

  • Selection of data type(s) and user group(s) – also using Active Directory
  • Enable exceptions  – allowed users
  • Traffic direction – enforce on outbound or inter-departmental traffic
  • Pre-defined policies and content data types
  • Incremental exposure of specific policies per different user groups
  • Integrated logging and event correlation
  • Customization of internal quarantine

Rapid and Flexible Deployment

Organizations of any size can be protected from the start with pre-configured templates for immediate data loss prevention. A wide range of built-in policies and rules are included for common requirements, including regulatory compliance, intellectual property and acceptable use.

Check Point DLP can be installed on any Check Point Security Gateway, saving time and reducing costs by leveraging existing security infrastructure.

Protect Against Data Breaches both Externally and Internally

Check Point DLP controls sensitive information from leaving the company.  DLP also inspects and controls sensitive emails between departments with Microsoft Exchange support.  An agent is loaded onto the Microsoft Exchange server that intercepts outgoing messages.  The message is redirected to the Check Point Gateway, is inspected by DLP, and then sent to the internal recipient by the Exchange server.  Policies can be defined to prevent confidential data from leaking to the wrong departments.  Examples of data that might need protecting from accidental leakage to other departments are compensation plans, confidential human resources documents, mergers and acquisition documents, or medical forms.

Check Point MultiSpect

The innovative Check Point MultiSpect data classification technology combines users, content and process into accurate decisions. Check Point DLP delivers exceptionally high accuracy in identifying sensitive data including Personally Identifiable Information (PII), compliance-related data (HIPAA, SOX, PCI, etc.) and confidential business data. This is achieved through the MultiSpect technology with strong 3-tier inspection that:

  • Offers multi-parameter data classification and correlation – Multi-protocol inspection and enforcement inspects content flows and enforces policies in the most widely used TCP protocols including: SMTP, FTP, HTTP and webmail. Pattern matching and file classification allows for the identification of content types regardless of the extension applied to the file or compression.
  • Recognizes and protects sensitive forms – includes file/form matching (based on predefined templates)
  • Identifies unconventional business communication behavior
  • Leverages out-of-the-box best practice policies

In addition, an open scripting language is available for creating custom data types. This unique flexibility provides virtually unlimited support for protecting sensitive data.


The document watermark feature provides additional data protection by dynamically watermarking documents leaving the organization for stronger data security and increased regulatory compliance.

Flexible choice of visible watermarks to Microsoft Office documents:

  • Page placement
  • Text formatting options such as semitransparent, diagonal, size, font, color, text direction
  • Customize watermark with fields such as sender, recipient, name of document and/or date sent

Add encrypted hidden watermarks:

  • No change in visible document layout
  • Can be identified in DLP scans
  • Used for forensics analysis to track leaked documents

Whitelist Files and Repositories

Define a list of files and repositories so users do not have to remediate files that are safe for distribution.

Event Management

Separating the needle from the haystack, SmartEvent monitors and reports only what is important. Event management includes the following features and options:

  • Real-time and history graphing and reporting of DLP events
  • Easy incident correlation
  • Graphical incident timelines
  • Easily configured custom views
  • Event/incident management workflow

Integrated into the Check Point Infinity Architecture

DLP is integrated into the Check Point Infinity Architecture. It can be easily and rapidly activated on existing Check Point Security Gateways saving time and reducing costs by leveraging existing security infrastructure.

Learn More

This website uses cookies to ensure you get the best experience. Got it, Thanks! MORE INFO