The Network Box DLP engine scans and block outbound SMTP mail that may contain sensitive materials. This can include: your client information, account details, designs, commercial secrets, medical records as well document files, credit card numbers or social security numbers.


Implemented in two parts, the engine allows rules and policies to be customized, thus ensuring effective prevention.



DLP Rules Engine

The engine goes through each section of the unpacked email message and runs its rule-set against each such section. The rules include the ability to perform sophisticated pattern-matching scans, examine content headers, and apply boolean and arithmetic logic to previously triggered tests. Any rule that matches results in a named ‘dlp test’ being set. Example of such rules are:


  • A credit card number (boolean logic).
  • A validated social security card number.
  • The MD5 checksum of a message matching a restricted set of documents to be blocked.




DLP Policy Engine

The engine is configured with a list of direction, named ‘dlp tests’ and thresholds. This permits sophisticated policy enforcement rules to be configured. Examples of this include:


  • Block outbound emails with more than 5 credit card numbers in them.
  • Block outbound emails containing specific attachments (identified by MD5 hash).
  • Block outbound emails containing encrypted ZIP files.
  • Block outbound emails containing your company watermark.
  • Block outbound emails containing Microsoft Excel documents.



Data Leakage Prevention Overview

The diagrams below illustrate the DLP engine in action, for two different scenarios:


Scenario 1:

Normal email content

DLP - Normal email



Scenario 2:

Sensitive email content

DLP - Sensitive email




Key Features

Custom rules

Customizable rules

and policies.

Pattern matching

Complex pattern matching

and content analysis.


Optical Character Recognition


