Clearswift SECURE File Gateway

Secure File Gateway

In today’s rapidly evolving business environment, you need to be able to engage with emerging collaborative technologies to stay relevant and competitive. Keeping your data secure yet mobile is more important – and more complex – than ever.

To avoid the potentially serious implications of data leaks and regulatory breaches, you must inspect the information you create and share. Your content needs to be reviewed constantly, in real time to ensure compliance with your information governance policies. Which is where deep content inspection technology comes in.

The SECURE File Gateway enables organisations to add powerful file content inspection features to existing applications and services, meaning that you can ensure the integrity of your data as it moves around, and before it leaves, your organisation. Only by understanding your content can you protect your information assets and make better decisions with your data. Clearswift’s solutions are renowned for providing mission-critical content filtering for thousands of customers and millions of users worldwide. The award-winning Clearswift content inspection engine sits at the heart of the File Gateway and has a proven track record of secure, robust, high-performance deep content inspection.

Avoid sensitive data leaks

The File Gateway is commonly used to inspect a file’s content as it moves from one location to another. By inspecting the file before it moves, the risk of sensitive data leaks is considerably reduced – especially in scenarios where both locations are networks with different levels of security. For example, one network may be a high security domain and the other low security; alternatively a private Intranet network and a public facing website. In both of these examples there’s a real risk that the information contained within the file could be valuable in one location but represent a data leak in the other.

Recognise, understand and process

The File Gateway’s content inspection engine recognises over 150 different file or format types. It uses strong signature and data parsing techniques that ignore unreliable external indicators, like file extensions. The engine performs recursive decomposition, and systematically opens and searches within archive files like ZIP and TAR to locate all embedded objects – for example images, or active content within Office documents. Inspection continues until there is nothing left to process.

By recognising particular file types, it is possible to set a policy to decide which file types are acceptable, and which should be blocked. The inspection also extends to textual content: the words and phrases contained within the files.

Textual search

The SECURE File Gateway provides powerful text analysis capabilities to search for words, phrases and expressions of any format and in any language.

 

  • Expressions can be keywords, phrases or regular expressions
  • Predefined patterns such as credit card numbers, social security numbers (US), NI numbers (UK) and IBAN numbers
  • Each expression can have its own weighting to allow occurrence counts to be defined
  • Logical operators: AND, OR, XOR, ANDNOT
  • Proximity operators: NEAR, BEFORE, AFTER, FOLLOWEDBY
  • Search within body, headers, footers, meta-data or whole document

By recognising the presence of terms such as ‘Top secret’ in the footer of Word documents, or credit card numbers in Excel worksheets, it is possible to build policies that strictly control which data is processed through the system, and more importantly, which isn’t.

Malware, active code and damaged data

In addition to checking for content violations, the File Gateway is compatible with Sophos anti-virus. This means the data you process can be checked to ensure it doesn’t contain suspicious content or malware that could potentially cause cross-infection to other networks or organisations.

The SECURE File Gateway also has its own capabilities when it comes to blocking potential malware:

  • It has rules to detect active code, such as macros in Microsoft Office, or scripts in Adobe PDF.
  • It can block suspicious data that doesn’t match any recognised format, appears to be corrupt, or has been tampered in some way. Unusual data could indicate that malware is trying to exploit a weakness and cause a buffer overflow in an application.
  • It quarantines encrypted data that cannot be inspected.

Seamlessly integrating with your existing applications and services, the Clearswift SECURE File Gateway provides sophisticated file-based deep content inspection, lexical analysis and comes with pre-built templates. The intuitive GUI makes it simple for administrators to manage and respond to policy outcomes; quite simply, we provide the reassurance you need to safely collaborate and share your information in a risk-free environment.