| In the information age, preventing the leakage of confidential information from within the enterprise has become a very important issue in the field of information security. Such leakage can cause damage to the enterprise that is difficult to estimate, and many solutions for preventing it have been proposed. Traditional firewall technology mainly controls protocols and ports. Application proxy firewalls focus on controlling resources and generally check the contents of plaintext data. These techniques all carry, to a greater or lesser degree, a risk of sensitive data leakage. To meet the needs of enterprises to prevent the leakage of confidential information, the paper studies several application protocols commonly used on the network: HTTP, FTP, SMTP and POP3. The system forwards these protocols at the application layer; checks the transmitted content and prevents leakage of sensitive information; automatically recognizes the document type, so that a leak cannot avoid the check by modifying the document suffix; and further improves the performance of the filter through optimization and improvement of the BM pattern matching algorithm, concurrent processing, and multi-core, multi-process operation. Because many network applications use SSL channels to protect confidentiality and integrity, the paper designs an SSL agent technique that can filter SSL-encrypted Web data and message content. The functions of the data leakage prevention system based on a gateway agent were tested, with HTTP, SMTP, POP3 and FTP tested respectively. The experimental results verify that the system can prevent the transmission of confidential information over HTTP, SMTP, POP3 and FTP, and achieves the purpose of preventing information leakage over these four protocols. |
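
The two content checks named in the abstract (recognizing the real document type despite a changed suffix, and keyword matching with a BM-family algorithm) can be sketched as follows. This is an added example, not the paper's code: it uses the simplified Boyer-Moore-Horspool variant rather than the paper's optimized BM, and the signature table, keyword list and sample file are constructed for illustration.

```python
# Added example: constructed signatures, keywords and sample data.
MAGIC = {  # well-known leading bytes of common document formats
    b"%PDF-": "pdf",
    b"PK\x03\x04": "zip",  # also the container for docx/xlsx/pptx
    b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1": "ole",  # legacy doc/xls/ppt
}
SUFFIXES = {"pdf": {"pdf"}, "zip": {"zip", "docx", "xlsx", "pptx"},
            "ole": {"doc", "xls", "ppt"}}
KEYWORDS = [b"CONFIDENTIAL", b"INTERNAL USE ONLY"]  # hypothetical policy


def sniff_type(data):
    """Return the type implied by the content, or None if unrecognized."""
    for magic, kind in MAGIC.items():
        if data.startswith(magic):
            return kind
    return None


def horspool_find(text, pattern):
    """Boyer-Moore-Horspool search; returns first offset or -1."""
    m, n = len(pattern), len(text)
    if m == 0 or m > n:
        return -1 if m else 0
    # Bad-character table: distance from last occurrence to pattern end.
    shift = {b: m - 1 - i for i, b in enumerate(pattern[:-1])}
    pos = 0
    while pos <= n - m:
        if text[pos:pos + m] == pattern:
            return pos
        pos += shift.get(text[pos + m - 1], m)
    return -1


def inspect(filename, data):
    """Return the list of policy findings for one transferred file."""
    findings = []
    kind = sniff_type(data)
    suffix = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    if kind and suffix not in SUFFIXES[kind]:
        findings.append(f"suffix .{suffix} does not match content type {kind}")
    for kw in KEYWORDS:
        off = horspool_find(data, kw)
        if off >= 0:
            findings.append(f"keyword {kw.decode()} at offset {off}")
    return findings


# Constructed sample: a PDF renamed to .jpg, carrying a marked string.
SAMPLE = b"%PDF-1.4\n1 0 obj\n(CONFIDENTIAL: Q3 pricing)\nendobj\n"
```

The keyword scan here runs over raw bytes, so compressed containers such as docx must be unpacked before matching.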