Symantec Network DLP is broken into two components, Network Monitor and Network Prevent. Network Monitor passively scans for data leaks via SMTP, IM, HTTP, FTP, or any other TCP-based protocol. The policy engine is well designed and relatively easy to use. Administrators can configure a range of response actions, including blocking, logging, alerting and alerting, quarantining, and escalating for approval. The DLP-9 suite is completely software-based. It’s the easiest to use among the other suites we’ve tested thus far.”]
Source: https://www.darkreading.com/attacks-breaches/rolling-review-symantec-s-dlp-9