Fidelis XPS is billed as an "extrusion" prevention system; a platform that monitors network traffic flows and enforces defined policies pertaining to the delivery of recognized sensitive information.

The Fidelis XPS platform itself is served in appliance form, and consists both of the Fidelis XPS Sensors (which also report infractions to the central console); and the centralized CommandPost console that provides a Web-based access point to the collected information as well as management controls for the sensors themselves. The sensors, in particular, are now offered in multiple flavors.

- The XPS Direct Sensor is typically deployed at the network egress and is able to monitor all network ports. It can be deployed in two possible configurations: Off of a network TAP, where all traffic is analyzed and the transmission of sensitive data is blocked via the injection of TCP reset packets; or inline (a Layer 2 bridge), in which case sensitive packets are dropped directly.

- The XPS Internal Sensor, which specializes in examining internal network traffic, including such protocols as Oracle and DB2 database access, SMB/CIFS/SAMBA file transfers, and directory queries (XPS Internal is deployed as a Layer 2 bridge)

- The XPS Mail Sensor, which can be deployed as a separate MTA or a Milter and includes support for quarantining or redirecting suspect messages

- The XPS Proxy, which works in combination with ICAP-enabled proxy servers

- The XPS Scout, the newest sensor in the family which is a stand-alone assessment tool targeted primarily to audit and assessment teams. XPS Scout combines the capabilities of the CommandPost and a sensor in a single unit; but lacks the ability to block suspect traffic.

According to the vendor, the platform is able to reassemble TCP streams and decode and analyze their content payloads for the inclusion of sensitive information in real-time at Gigabit speeds. Because such analysis is performed at the TCP level, multiple types of information transmissions are monitored, including HTTP, FTP, E-mail, Webmail, IM, and P2P. The product's built-in decoders are able to strip/decode various data formats to reveal their true content (including taking such steps as uncompressing data, for example); and communication channels (such as Webmail or IM over HTTP) are identified and analyzed individually.

Once to the content level, Fidelis XPS employs statistical and pattern-recognition content analyzers to identify sensitive data based on its characteristics; not requiring exact matching of data for the identification of target data. The vendor notes that the product ships with ready-to-use profiles for out-of-the-box recognition of certain data types.

Other features include support for IPv6, and the ability to block data based on where it came from or where it is being delivered to (where the source or destination IP address is registered).

Fidelis XPS is available now; the list price for the new XPS Scout is $150,000.

Contact Fidelis Security Systems for further information.