File Content Disarm and Reconstruction Supported by Glasswall

The all-encompassing approach to cross-domain file transfer adopts Content Disarm and Reconstruction (CDR), supported by Glasswall, to meet rigorous information assurance standards. This ultimately ensures the secure import and export of files.

Glasswall’s Content Disarm and Reconstruction (CDR) can be integrated with TrustedFilter™ to shape a comprehensive cross-domain solution, built with a data-centric defence approach. 4Secure’s TrustedFilter™ File Transfer software and unidirectional flow control hardware, integrated with Glasswall CDR is optimised for securely importing files into the most secure environments.

The 7-Step approach to Cross-Domain file transfer with Glasswall’s CDR and TrustedFilter™ Integration.

1. Transform and Inspect

Glasswall breaks down the file into its constituent components. Validates the file’s structure against its specification.

2. Rebuild

Unknown and invalid file structures are repaired in-line with the file’s specification.

3. Clean

High-risk file structures that contain active content are removed, based on fully configurable sanitisation policies.

4. Verify and Reconstruct

Semantic checks ensure the file’s integrity, the safe and fully functional file is reconstructed and placed in another directory.

5. Transport

TrustedFilters file transfer application collects the reconstructed file and forwards it in a raw TCP stream to a unidirectional appliance.

6. Hardware Enforced Protocol Break and Air Gap

The TrustedFilter™ unidirectional flow control device terminates TCP/IP and transforms data into non-routable cells of data in FPGA. The core data payload is transported via unidirectional optical fibre. The data payload is reassembled in FPGA into a TCP stream and sent to the destination system.

7. Delivered

TrustedFilters file transfer application receives the file on the destination system and delivers the file to its destination.

Enabling TrustedFilter™ Applications

TrustedFilter™ SECUREimpex

  • Install directly onto a TrustedFilter™ unidirectional gateway, or flanking system.
  • Run as a service to provide an automated experience.
  • Configured & managed through an easy-to-use GUI.
  • Secure credential-container for application specific, authenticated file-transfer.
  • Supports Mirroring of directories, or ‘Send and ‘Delete’ configuration.
  • Install on Linux or Windows.
  • Engineered to support high-throughput 24/7 enterprise environments.
  • Multiple File Transfer modes available, including scheduling options.
  • Pre-processing engine to enable user-defined filtering.

Enabling Components

Data Diodes

A unidirectional flow control component (Data Diode) is utilised to enforce the one-way flow of data and perform a protocol break.

Content Disarm and Reconstruction (CDR)

Glasswall CDR treats all files as untrusted, validating, cleaning and rebuilding each one against their manufactuer’s known good specification.

The all-encompassing TrustedFilter™ Appliance+

4Secure adopted their TrustedFilter™ Appliance+ to implement this solution. The all-encompassing extensible appliance consists of two unidirectional gateways, incorporates the full TrustedFilter™ software suite for data verification and protocol handling, while supporting multiple data flows with 10gbps available throughput.

Contact Us

Want to know more about 4Secure's products, services and cross-domain solutions? Engage with 4Secure's specialists to find a tailored solution. The 4Secure team offer full support through 30-day proof of concept of any solution at cost to 4Secure.

Call for a Quick Consultation

Can't wait for a response? Call us now for a quick consultation with one of our cross domain solution specialists.