Feature
|
miniOrange
|
NPAV DLP
|
|
PRODUCT ARCHITECTURE & DEPLOYMENT
|
| Product Type |
- Standalone, purpose-built DLP platform. Covers Email DLP, Endpoint DLP, and Cloud DLP as an integrated suite, with no dependency on another product.
|
- Designed to monitor, detect, and block unauthorised access, transfer, or sharing of sensitive data across endpoint devices, cloud environments, and on-premises systems.
|
| Plan Accessibility |
- All DLP capabilities are available across plans without requiring forced upgrades or add-on purchases.
|
- NPAV Endpoint DLP delivers a unified endpoint security and data loss prevention solution with integrated features managed through a single agent platform.
|
| Deployment Options |
- Full Cloud and On-Premise deployment supported across both Email DLP and Endpoint DLP.
|
- Cloud and On-Premise deployment supported through the NPAV Endpoint Security platform with agent-based endpoint management.
|
| Scalability |
- Supports enterprise-scale environments with flexible, cost-effective pricing.
|
- Designed for endpoint-level deployment across organisations. Scalability tied to agent installation on managed devices.
|
|
DLP CHANNEL COVERAGE
|
| Email DLP |
- Dedicated Email DLP Scans outbound emails, attachments, and message content in real time. Integrates natively with Gmail, Outlook, Zoho and Exchange.
|
- Provides email access controls and attachment-based policy enforcement through configurable allow/block rules.
|
| Endpoint DLP |
- Dedicated Endpoint DLP covering USB drives, Bluetooth, external HDDs, Printers, network devices, and web uploads with OCR support. Supports Windows, macOS, and Linux.
|
- Covers similar channels such as USB devices, Bluetooth transfers, printers, screenshots, and web uploads with OCR support, but is primarily focused on Windows environments with limited macOS support.
|
| Cloud & Web App Control |
- Blocks file uploads to unapproved platforms. HTTP traffic monitoring with allow/block domain policies and time-based access controls.
|
- Monitors uploads, downloads, and data transfers within web applications, and can block and report unauthorized uploads to restricted websites.
|
| Agentless Protection |
- Email DLP is fully agentless, hence no agent is required on user devices.
|
- Requires a client agent installed on each endpoint device for monitoring and policy enforcement. No agentless option available.
|
| Personal Email Access Control |
- Restricts access to personal email accounts (Gmail, Yahoo) on corporate endpoints.
|
- Supports controls across multiple browsers, but does not explicitly provide a dedicated feature to block access to personal email services such as Gmail or Yahoo.
|
|
OPERATING SYSTEM & PLATFORM SUPPORT
|
| Windows |
- Full Windows support across all Endpoint DLP features.
|
- Full Windows support with USB control, screen capture blocking, Bluetooth monitoring, and printer activity tracking.
|
| macOS |
- Full macOS support, device control, file monitoring, and policy enforcement.
|
- macOS support availability is not specified for NPAV Endpoint DLP.
|
| Linux |
- Linux is listed as a supported OS for Endpoint DLP.
|
- Linux endpoint support availability is not specified for NPAV Endpoint DLP.
|
| Mobile Device Support |
- Extends DLP policies to iOS and Android via MDM integration.
|
- Mobile device DLP support is not available. Coverage is limited to Windows-based endpoint devices.
|
|
DEVICE MANAGEMENT & PHYSICAL SECURITY
|
| Remote Lock |
- Administrators can instantly lock endpoint devices remotely.
|
- Remote device lock capability is not available in NPAV Endpoint DLP.
|
| Remote Wipe |
- Securely erases sensitive data from lost, stolen, or decommissioned devices remotely.
|
- Remote wipe capability is not available in NPAV Endpoint DLP.
|
| Geo-Tracking |
- Real-time device location tracking from the admin console, combined with remote lock/wipe.
|
- Geo-location and device tracking features are not available in NPAV Endpoint DLP.
|
| Device Remote Access |
- Administrators remotely access endpoints to diagnose issues and enforce policies without physical access.
|
- Remote device administration is not available in NPAV Endpoint DLP.
|
| USB & Removable Media Control |
- Monitor, audit, and log every data transfer from removable storage. Device blocklisting and temporary policy relaxation.
|
- Monitors and restricts USB/removable media activity with detailed data transfer and access logging.
|
| Advanced Device Control |
- Granular control of USB, printers, external HDDs, and network devices with blocklisting.
|
- Controls Bluetooth transfers and printer activity with monitoring, logging, and remote tool support.
|
|
EMPLOYEE MONITORING & ACTIVITY CONTROL
|
| Employee Activity Monitoring |
- Comprehensive monitoring, AD session tracking, login monitoring, unusual session capture, and camera/screenshot policies.
|
- Real-time web activity monitoring with logging of downloads, uploads, access attempts, and suspicious file-sharing activity.
|
| Screenshot & Camera Policies |
- Policies can restrict screenshots and screen recording to help prevent sensitive information from being shared visually.
|
- Print-screen blocking prevents screenshot capture of sensitive data, with automatic recording of suspicious browser activity.
|
| Login Monitoring |
- Tracks login activity across endpoints to detect suspicious behaviour.
|
- Dedicated login monitoring is not available as a standalone feature in NPAV Endpoint DLP
|
|
DATA DISCOVERY, CLASSIFICATION & INTELLIGENCE
|
| Data Discovery & Classification |
- Identifies and classifies sensitive data on endpoints and applies security policies automatically.
|
- Data classification is not available as a standalone feature; sensitive data protection is managed through channel-level controls.
|
| Insider Threat Detection |
- Identifies unusual email and device patterns indicating insider threats. Real-time alerts on suspicious activity.
|
- Insider threat detection includes real-time monitoring, activity logging, and suspicious activity screenshots, without dedicated behavioral analytics.
|
| OCR / Image DLP |
- Uses Optical Character Recognition (OCR) to detect sensitive text within images and enforce data protection policies on image content.
|
- OCR and image-based DLP are not available in NPAV Endpoint DLP.
|
| File Upload Restrictions |
- Prevents upload of unauthorised file types and content classification (PDF, DOCX, XLSX, ZIP, EXE) to unapproved platforms.
|
- Blocks and reports unauthorized data uploads to restricted websites; file-type classification controls are not available.
|
|
INTEGRATIONS & ECOSYSTEM
|
| Email Platform Integration |
- Direct native integration with Gmail, Microsoft Outlook, and Exchange for real-time outbound email scanning.
|
- Email protection supports standard mail clients; native Gmail, Outlook, and Exchange integrations are not available.
|
| IAM Integration |
- Native Identity and Access Management (IAM) integration, miniOrange's own IAM platform provides single-vendor security.
|
- No IAM integration available in NPAV Endpoint DLP.
|
| CASB Integration |
- Cloud Access Security Broker (CASB) integration provides cloud data visibility across SaaS applications.
|
- No dedicated CASB integration. Cloud data controls are handled through upload monitoring and web restriction features.
|
| MDM Integration |
- Mobile Device Management (MDM) integration extends DLP policies to mobile and BYOD devices.
|
- No MDM integration available. Mobile device coverage is not supported.
|
| Active Directory (AD) |
- Active Directory integration for both Email DLP and Endpoint DLP, enabling user-based policy enforcement.
|
- Active Directory integration is not available for NPAV Endpoint DLP.
|
| Unified Security Platform |
- DLP + IAM + CASB + MDM on a single miniOrange platform, one vendor for complete coverage.
|
- NPAV Endpoint DLP integrates within the Net Protector security ecosystem; dedicated IAM, CASB, and MDM integrations are not available.
|
|
COMPLIANCE & REGULATORY COVERAGE
|
| Regulatory Frameworks |
- Supports compliance requirements for GDPR, HIPAA, ISO, PCI DSS, and RBI regulations.
|
- Specific compliance framework support is not available; activity logs and audit trails support general compliance requirements.
|
| Audit Logs & Reporting |
- Comprehensive audit logs for email and endpoint events. Real-time alerts and compliance-ready dashboards.
|
- Activity logging records all actions involving sensitive data, including downloads, uploads, and access attempts for auditing and compliance purposes.
|
| Role-Based Access Control |
- Granular RBAC for dashboards across Email and Endpoint DLP. Custom roles and module-level permissions.
|
- Role-based access control (RBAC) support is not available in NPAV Endpoint DLP.
|
|
INDUSTRY USE CASES
|
| Healthcare |
- Patient records and sensitive healthcare information are protected across email and endpoint channels, helping organisations meet healthcare data security and privacy requirements.
|
- Endpoint data protection supports healthcare environments, but dedicated HIPAA compliance support is not available.
|
| BFSI / Finance |
- Financial data and cardholder information are secured with controls aligned to industry and banking regulatory standards, including PCI DSS and RBI requirements.
|
- Financial data protection is supported through upload restrictions and activity monitoring, but PCI DSS and GLBA compliance support is not available.
|
| Manufacturing |
- Prevents blueprints, designs, and R&D documents from being emailed or transferred externally.
|
- USB control, Bluetooth restrictions, and upload monitoring help prevent sensitive manufacturing IP from being transferred externally via endpoint channels.
|
| Remote Workforce |
- Cloud email and endpoint policies for distributed teams. Supports corporate-managed and BYOD devices via MDM.
|
- Endpoint agent deployed on corporate-managed devices supports remote workforce environments. BYOD and MDM support are not available.
|
| IT & Technology |
- Detects code fragments shared via email; prevents code cloning or exfiltration from development machines.
|
- Upload monitoring and web restrictions help prevent code exfiltration from development machines via browsers or removable media.
|
| Education |
- Protects student and staff data from accidental email disclosure and unauthorised endpoint transfers.
|
- Endpoint controls, including USB monitoring, upload restrictions, and print-screen blocking, protect student and staff data from unauthorised transfers.
|
|
SUPPORT, ADMINISTRATION & ONBOARDING
|
| 24/7 Support |
- 24×7 global technical support is included across all support plans.
|
- NPAV provides email and contact-based support; dedicated 24×7 support availability is not available.
|
| Deployment & Onboarding |
- Fast deployment with guided onboarding included as part of the setup services. Consultation and implementation assistance are provided for all customers.
|
- Agent-based deployment is supported; dedicated onboarding and implementation assistance are not available.
|
| Admin Dashboard Customisation |
- Fully customisable admin dashboard with white-label branding options and configurable widgets.
|
- Admin dashboard customization and white-label branding are not available in NPAV Endpoint DLP.
|
