Glasswall CDR Platform

  • 30 July 2021
  • 0 replies
  • 46 views

Glasswall CDR Platform

 

Unlike traditional detection-based security methods that play catch up with new threats, Glasswall’s CDR (Content, Disarm & Reconstruction) technology instantly cleans and rebuilds every file to match its ‘known good’ industry specifications, to remove potential malware. Without sacrificing productivity, the Glasswall CDR platform ensures every file is safe. 

Glasswall CDR platform is built on flexible and scalable infrastructure using Compliant Kubernetes, so you can spin up CDR clusters to suit your needs. Our platform is security hardened and compliance-ready for total peace of mind, so you can be the security team that drives business forward, no matter what’s ahead.

Why Glasswall CDR?

  • Ensure every file entering your organization is safe. 

  • Easily set your own risk criteria for how files are used in your organization.  

  • Flexible & scalable processing for any file volume.

  • It’s refreshingly easy to deploy.

  • Protect your organisation from malware without agents and heuristics.

  • Remove zero-day threats from files.

  • Maintain integrity of visual and data layers.

  • Security at the speed of business: reduce dependency on sandboxing and detonation chambers.

  • Massively scalable Kubernetes-based architecture to suit your demand.

  • Integrates with other malware protection solutions.

 

Key Features

  • Cloud-native architecture which provides infinite scaling on demand.

  • Deployable hubs across your organization which enable CDR workflows across multiple network segments.

  • Open source-based connectors allow for easy on-premise and cloud integrations.  

  • Developer-centric web services with OpenAPI specification compliant design.

  • Cloud-ready machine images and virtual machine.  

  • Out-of-the-box observability and metrics reporting.

  • Typical sub-second parallel file processing.  

  • Available on-premises, across all clouds or via dockers.

 

Glasswall CDR Architecture

 

The Glasswall CDR platform instantly cleans and rebuilds files to match its ‘known good’ manufacturer’s specification, automatically removing malware and threats from files entering your organisation.

 

Architecture Elements

  • Workflow cluster
  • Worker cluster
  • Load balancer
  • Monitoring
  • Three hard disks (source, evidence and target)

 

Process Flow Diagram

 

 

Data Mapping

 

 

Metadata Module

 

The Metadata Service class manages the creation and updating of the metadata.json files in the HASH directories on HD2.

  • get_metadata - takes the path of the file and creates the JSON object
  • get_from_file - get the JSON object from the metadata.json file in the HASH directory
  • write_metadata_to_file - saves the current JSON object to metadata.jsom file in the HASH directory
  • get_original_file_path - obtains the original file path from metadata in the HASH directory
  • get_status - gets current status stored in the metadate.json file of the HASH directory
  • set_status - updates the status stored in the metadate.json file of the HASH directory

 

Pre-Processing Module Flow

 

 

Processing Module Flow

  • Iterates through the HASH folders created during pre-processing on HD2

  • For each HASH folder:

    • If the status in metadata is not “INITIAL” does nothing
    • Otherwise:
      • Updates the status in metadata to “IN PROGRESS”
      • Sends the file to be processed
      • Saves the processed file to the corresponding directory in HD3
      • Saves the processing report to the HASH folder
      • Updates the status to “COMPLETED”
  • In Loops ClassLoopHashDirectories function iterates through HASH directories of HD2, for each of the directories, it initiated file processing with a call to processDirectory of the File_Processing class

  • The File_Processing class is accessed with the processDirectory function. The function gets a HASH directory path on HD2 as a parameter and processes it.

 

Components Overview

 

Offline Deployment Flow using OVAs

 

 

Use Cases

 

Have more questions about our product, pricing, security, implementation, or anything else? We’re happy to chat, please contact our sales team  at sales@glasswallsolutions.com.


0 replies

Be the first to reply!

Reply