DeviceLock Overview : ContentLock and NetworkLock
  
ContentLock and NetworkLock
DeviceLock DLP comes with ContentLock and NetworkLock - separately licensed components that provide additional functionality for DeviceLock. These components are installed automatically but require a license to function. For more information on ContentLock and NetworkLock licenses, see ContentLock and NetworkLock Licensing later in this chapter.
 
Note: ContentLock and NetworkLock are not yet supported in DeviceLock Service for Mac.
NetworkLock adds comprehensive context control capabilities over endpoint network communications. It supports port-independent network protocol and application detection and selective blocking, message and session reconstruction with file, data, and parameter extraction, as well as event logging and data shadowing. NetworkLock controls most popular network protocols and applications, such as: plain and SSL-protected SMTP email communications (with messages and attachments controlled separately), communications between the Microsoft Outlook client and Microsoft Exchange Server (the MAPI protocol), IBM Notes, Web access and other HTTP-based applications, including content inspection of encrypted HTTPS sessions (specifically, Web Mail, WhatsApp, and social networking applications like Gmail, Yahoo! Mail, Windows Live Mail, Facebook, Twitter, LiveJournal, etc.), instant messengers (Skype, Telegram, Viber, WhatsApp, ICQ Messenger, Jabber, IRC, Mail.ru Agent), cloud storage services (Amazon S3, Dropbox, Box, Google Drive, Microsoft OneDrive, etc.), file transfers over FTP and FTP-SSL protocols, local network file transfers over SMB, as well as telnet and torrent sessions.
NetworkLock is represented in the user interface of DeviceLock Management Console, Service Settings Editor and DeviceLock Group Policy Manager by the Protocols node.
NetworkLock has the following key features and benefits:
Protocol access control. You can control which users or groups can gain access to the FTP, HTTP, IBM Notes, SMTP, MAPI (Microsoft Exchange), SMB, Telnet and Torrent protocols, instant messengers (Skype, Telegram, Viber, WhatsApp, ICQ Messenger, Jabber, IRC, Mail.ru Agent), cloud storage services (Amazon S3, Dropbox, Box, Google Drive, Microsoft OneDrive, etc.), web search sites, career search websites, web-conferencing and webinars (Zoom.us), as well as webmail and social networking applications (AOL Mail, freenet.de, Gmail, GMX Mail, Hotmail (Outlook.com), Mail.ru, NAVER, Outlook Web App (OWA), Rambler Mail, T-online.de, Web.de, Yahoo! Mail, Yandex Mail, Zimbra; Facebook, Google+, Instagram, LinkedIn, LiveJournal, MeinVZ, Myspace, Odnoklassniki, Pinterest, StudiVZ, Tumblr, Twitter, Vkontakte, XING, Disqus, LiveInternet.ru) depending on the time of day and day of the week.
Protocols White List. Lets you selectively allow network communication over specified protocols regardless of existing protocol blocking settings. The white list is most effective in “least privilege” scenarios when you block all protocol traffic and then specifically authorize only what is required for employees to perform their daily job duties.
Content-Aware Rules (File Type Detection). You can selectively allow or deny access to specific types of files transmitted over the network. Recognition and identification of file types is based solely upon the content of files. This efficient and reliable algorithm allows for correct identification and handling of files regardless of the file extension. You can also use Content-Aware Rules to allow or deny the shadow copying of specific file types.
 
Note: A ContentLock license is required to gain access to enhanced capabilities of the Content-Aware Rules feature.
Audit, shadowing and alerts. Provides the ability to track user activity for specified protocols, log a full copy of data/files transmitted over the network, and alert IS personnel to inappropriate user actions.
ContentLock is a content monitoring and filtering component that greatly enhances the capabilities of the Content-Aware Rules feature. With ContentLock, you can not only grant or deny access to information based on real file types but also create regular expression patterns with numerical conditions and Boolean combinations of matching criteria and keywords. Recognizing more than eighty file formats and data types, ContentLock extracts and filters the content of data copied to removable drives and plug-n-play storage devices, as well as data transmitted over the network. With ContentLock, you can also filter shadowed data down to just those pieces of information meaningful to security auditing, incident investigations and forensic analysis before saving in the Shadow Log. This tremendously reduces storage space and network bandwidth requirements for shadow log delivery to the central database.
ContentLock has the following key features and benefits:
Content-based document access control. You can control access to documents depending on their content. Thus, you can block sensitive content leakage while allowing authorized employees to gain access to the information they need to collaborate.
Content-based filtering of shadow data. You can specify that only data that contains sensitive information is shadow copied and saved to the Shadow Log, thus reducing the volume of unnecessary log data and making the log files easier to work with.
Content classification-based control of documents. You can use digital fingerprints and Boldon James Classifier labels to control content access/sending permissions, content-aware shadowing, and/or simple content detection:
Digital fingerprints of sensitive documents are taken and stored on the DeviceLock Enterprise Server. Fingerprints can identify full copies as well as pieces of documents, even if the document has been changed.
In the Boldon James Classifier applications, classification labels specify the level of sensitivity of the document by appropriately setting its attributes.
Expansive coverage of multiple file formats and data types. You can analyze the content of the following file formats and data types: Adobe Acrobat (including encrypted files if the type of encryption in the file is one of the following: 40-bit RC4, 128-bit RC4, 128- or 256-bit AES, and the file permissions do not prevent text extraction) (*.pdf), Adobe FrameMaker MIF (*.mif), Ami Pro (*.sam), Ansi Text (*.txt), ASCII Text, ASF media files (metadata only) (*.asf), AutoCAD (*.dwg, *.dxf), CSV (Comma-separated values) (*.csv), DBF (*.dbf), EBCDIC, EML (emails saved by Outlook Express) (*.eml), Enhanced Metafile Format (*.emf), Eudora MBX message files (*.mbx), Flash (*.swf), HTML (*.htm, *.html), iCalendar (*.ics), Ichitaro (versions 5 and later) (*.jtd, *.jbw), JPEG (*.jpg), Lotus 1-2-3 (*.123, *.wk?), MBOX email archives such as Thunderbird (*.mbx), MHT archives (HTML archives saved by Internet Explorer) (*.mht), MIME messages (including attachments), MSG (emails saved by Outlook) (*.msg), Microsoft Access MDB files (*.mdb, *.accdb, including Access 2007 and Access 2010), Microsoft Document Imaging (*.mdi), Microsoft Excel (*.xls), Microsoft Excel 2003 XML (*.xml), Microsoft Excel 2007, 2010, and 2013 (*.xlsx), Microsoft OneNote 2007, 2010, and 2013 (*.one), Microsoft Outlook data files (*.PST), Microsoft Outlook/Exchange Messages, Notes, Contacts, Appointments, and Tasks, Microsoft Outlook Express 5 and 6 (*.dbx) message stores, Microsoft PowerPoint (*.ppt), Microsoft PowerPoint 2007, 2010, and 2013 (*.pptx), Microsoft Rich Text Format (*.rtf), Microsoft Searchable Tiff (*.tiff), Microsoft Visio (*.vsd, *.vst, *.vss, *.vdw, *.vsdx, *.vssx, *.vstx, *.vsdm, *.vssm, *.vstm), Microsoft Word for DOS (*.doc), Microsoft Word for Windows (*.doc), Microsoft Word 2003 XML (*.xml), Microsoft Word 2007, 2010, and 2013 (*.docx), Microsoft Works (*.wks), MP3 (metadata only) (*.mp3), Multimate Advantage II (*.dox), Multimate version 4 (*.doc), OpenOffice versions 1, 2, and 3 documents, spreadsheets, and presentations (*.sxc, *.sxd, *.sxi, *.sxw, *.sxg, *.stc, *.sti, *.stw, *.stm, *.odt, *.ott, *.odg, *.otg, *.odp, *.otp, *.ods, *.ots, *.odf) (includes OASIS Open Document Format for Office Applications), Quattro Pro (*.wb1, *.wb2, *.wb3, *.qpw), QuickTime (*.mov, *.m4a, *.m4v), TIFF (metadata only) (*.tif), TNEF (winmail.dat), Treepad HJT files (*.hjt), Unicode (UCS16, Mac or Windows byte order, or UTF-8), Visio XML files (*.vdx), Windows Metafile Format (*.wmf), WMA media files (metadata only) (*.wma), WMV video files (metadata only) (*.wmv), WordPerfect 4.2 (*.wpd, *.wpf), WordPerfect (5.0 and later) (*.wpd, *.wpf), WordStar version 1, 2, 3 (*.ws), WordStar versions 4, 5, 6 (*.ws), WordStar 2000, Write (*.wri), XBase (including FoxPro, dBase, and other XBase-compatible formats) (*.dbf), XML (*.xml), XML Paper Specification (*.xps), XSL, XyWrite as well as PostScript, PCL5, PCL6 (PCL XL), HP-GL/2, EMF spooled files and GDI printing (ZjStream).
 
Note: The content of AutoCAD (DWG, DXF) file formats can be analyzed on Windows XP and later systems.
Automated protection of new documents. You can have content-based security policies automatically applied to new documents as they are created.
Multiple content detection methods. Various methods can be used to identify sensitive content contained in documents (based on regular expressions, keywords, and document properties).
Centralized content management. Content-Aware Rules are created based on content groups that enable you to centrally define the types of the content that is subject to control.
Ability to override device type/protocol-level policies. You can selectively allow or deny access to certain content regardless of preset permissions at the device type-/protocol-level.
Inspection of files within archives. Allows you to perform deep inspection of each individual file contained in an archive. The following inspection algorithm is used: When a user attempts to copy an archive file to a device or transmit it over the network, all files are extracted from the archive and analyzed separately to detect the content to which access is denied by Content-Aware Rules. If Content-Aware Rules deny access to at least one of the files extracted from the archive, the user is denied access to the archive. If Content-Aware Rules allow access to all of the files extracted from the archive, the user is allowed access to the archive.
 
Note: DeviceLock may skip inspecting fingerprints of files within an archive if it has detected an exact match of the archive file with a source file of a certain fingerprint. For details, see Inspecting fingerprints within archives in the Digital Fingerprints section of this document.
All archived files are extracted to the Temp folder of the System user. Typically, the system Temp folder resides in the following location: %windir%\Temp. If DeviceLock Service cannot access the Temp folder, the archived files are not analyzed, and access to the archive is denied only if at least one of the following conditions is true:
There is a Deny Content-Aware Rule
Deny-access permissions are set for the device type or protocol
All nested archives are also unpacked and analyzed one by one. Archive files are detected by content, not by extension. The following archive formats are supported: 7z (.7z), ZIP (.zip), GZIP (.gz, .gzip, .tgz), BZIP2 (.bz2, .bzip2, .tbz2, .tbz), TAR (.tar), RAR (.rar), CAB (.cab), ARJ (.arj), Z (.z, .taz), CPIO (.cpio), RPM (.rpm), DEB (.deb), LZH (.lzh, .lha), CHM (.chm, .chw, .hxs), ISO (.Iso), UDF (.Iso), COMPOUND (.Msi), WIM (.wim, .swm), DMG (.dmg), XAR (.xar), HFS (.hfs), NSIS (.exe), XZ (.xz), MsLZ (.mslz), VHD (.vhd), FLV (.flv), SWF (.swf) as well as CramFS, SquashFS (.squashfs), NTFS, FAT, and MBR file system and disk images. Split (or multi-volume) and password-protected archives are not unpacked.
 
Note: To allow transfer of split (multi-volume) archives when Content-Aware Rules are in effect and the Archives content inspection on read or Archives content inspection on write option is enabled in Service Options, configure allow rules based on Document Properties content groups with the Text extraction not supported flag selected.
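The archive inspection algorithm described above, as an added illustration that is not DeviceLock's own code: archives are recognized by their content rather than their extension, nested archives are unpacked and analyzed one by one, a single denied file denies the whole archive, password-protected entries are left unpacked, and the Temp-folder fallback applies when unpacking is impossible. The deny rule is a constructed regular expression standing in for a Pattern content group; the ZIP format and the sample archive are assumptions.

```python
import io
import re
import zipfile

# Constructed stand-in for a Deny Content-Aware Rule: a Pattern content group
# matching 16-digit card-like numbers (assumption, not a DeviceLock rule format).
DENY_PATTERN = re.compile(rb"\b\d{4}[ -]?\d{4}[ -]?\d{4}[ -]?\d{4}\b")


def is_zip(data: bytes) -> bool:
    """Archives are detected by content (local file header magic), not by extension."""
    return data[:4] == b"PK\x03\x04"


def any_member_denied(data: bytes) -> bool:
    """Unpack every file (nested archives too) and report whether any one is denied."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir() or info.flag_bits & 0x1:
                continue  # directories and password-protected (never unpacked) entries
            member = zf.read(info)
            if is_zip(member):
                if any_member_denied(member):  # nested archive: analyze it one by one
                    return True
            elif DENY_PATTERN.search(member):
                return True
    return False


def decide_access(data: bytes, temp_ok: bool = True,
                  deny_rule_present: bool = True, deny_permission: bool = False) -> str:
    """Access decision for an archive being written to a device or sent over the network."""
    if not temp_ok:
        # Temp folder inaccessible: members are not analyzed; access is denied only if a
        # Deny Content-Aware Rule exists or deny permissions are set for the device/protocol.
        return "deny" if (deny_rule_present or deny_permission) else "allow"
    # One denied file denies the whole archive; all files allowed means the archive is allowed.
    return "deny" if any_member_denied(data) else "allow"


def build_sample(include_sensitive: bool = True) -> bytes:
    """Constructed test input: a zip whose nested zip is disguised with a .bin extension."""
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("notes.txt", "project plan, nothing sensitive")
        if include_sensitive:
            z.writestr("cards.csv", "4111 1111 1111 1111,Alice")
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("readme.txt", "hello")
        z.writestr("nested.bin", inner.getvalue())
    return outer.getvalue()
```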
Optical Character Recognition (OCR). OCR technology lets you recognize and extract text from scanned documents, camera-captured documents (if these documents were aligned at 90 degrees to the camera), and screenshots of documents for further content analysis by Content-Aware Rules.
OCR includes the following capabilities:
An entire image or some portions of the image can be inverted, rotated, or mirrored.
Images with poor brightness or low contrast are supported.
Most fonts can be accurately recognized.
OCR includes the following limitations:
Recognition of handwritten text or any fonts that look like handwritten text is not supported.
Embossed and engraved texts are not recognized.
Best recognition results are achieved for black text on a white background.
The built-in OCR supports the following languages: Arabic, Bulgarian, Catalan, Chinese - Simplified, Chinese - Traditional, Croatian, Czech, Danish, Dutch, English, Estonian, Finnish, French, German, Hungarian, Indonesian, Italian, Japanese, Korean, Latvian, Lithuanian, Norwegian, Polish, Portuguese, Romanian, Russian, Slovak, Slovenian, Spanish, Swedish, and Turkish. The following image files are supported for OCR processing: BMP files, Dr. Halo CUT files, DDS files, EXR files, Raw Fax G3 files, GIF files, HDR files, ICO files, IFF files (except Maya IFF files), JBIG files, JNG files, JPEG/JIF files, JPEG-2000 files, JPEG-2000 codestream files, KOALA files, Kodak PhotoCD files, MNG files, PCX files, PBM/PGM/PPM files, PFM files, PNG files, Macintosh PICT files, Photoshop PSD files, RAW camera files, Sun RAS files, SGI files, TARGA files, TIFF files, WBMP files, XBM files, and XPM files.
 
Note: The OCR feature is only supported on Windows XP and later versions of Windows.
Text in picture detection. Text in picture detection technology lets you classify all images into two groups: text images (containing text, such as scanned documents or screenshots of documents) and non-text images (those that do not contain text), and separately control access to each group. For example, you can allow certain users to copy non-text images to devices but prevent them from writing text images, thus preventing leakage of sensitive information within image files. The following image files are supported: BMP files, Dr. Halo CUT files, DDS files, EXR files, Raw Fax G3 files, GIF files, HDR files, ICO files, IFF files (except Maya IFF files), JBIG files, JNG files, JPEG/JIF files, JPEG-2000 files, JPEG-2000 codestream files, KOALA files, Kodak PhotoCD files, MNG files, PCX files, PBM/PGM/PPM files, PFM files, PNG files, Macintosh PICT files, Photoshop PSD files, RAW camera files, Sun RAS files, SGI files, TARGA files, TIFF files, WBMP files, XBM files, and XPM files.
Inspection of images embedded in documents. Allows you to perform deep inspection of each individual image embedded in saved emails (EML), Adobe Portable Document Format (including encrypted files if the type of encryption in the file is one of the following: 40-bit RC4, 128-bit RC4, 128-bit AES and 256-bit AES, and the file permissions do not disable text extraction) (PDF) files, Rich Text Format (RTF), AutoCAD files (.dwg, .dxf), and Microsoft Office documents (.doc, .xls, .ppt, .vsd, .docx, .xlsx, .pptx, .vsdx). All embedded images are extracted from these documents to the Temp folder of the System user and analyzed independently from text to detect the content to which access is denied by Content-Aware Rules. The text contained inside documents is checked by Content-Aware Rules that are created based on Keywords, Pattern or Complex content groups. Embedded images are checked by Content-Aware Rules that are created based on Keywords, Pattern, File Type Detection, Document Properties or Complex content groups. Access to documents is granted only when Content-Aware Rules allow access to text and all of the images contained in documents.
 
Note: Deep inspection of images embedded in files of AutoCAD (DWG, DXF) formats can be performed on Windows XP and later systems only.