As David writes –
Network data leakage prevention (network DLP) is the process of stopping the unauthorized disclosure of digital assets out of computer networks, regardless of the channel of communication. This process is
typically implemented to protect digital assets—intellectual property, personal identity information, financial information, sensitive/protected data—and enables an organization to detect and prevent potentially harmful leaks.
I’m generally extremely critical of security vendor marketing collateral – but David does an excellent job describing requirements and system alternatives such as network sniffer (L2 content interception) and proxies. I loved his description of proxies – “Prevention only via proxy servers is much like putting toll booths in only a few lanes in a highway, people will quickly figure out how to evade the toll.”
Due disclosure – we represent Fidelis in Israel and Poland.