Glasswall CDR Platform


Unlike traditional detection-based security methods that play catch up with new threats. Glasswall’s CDR(Content, Disarm & Reconstruction) technology instantly cleans and rebuilds every file to match its known good industry specifications - automatically removing potential threats. Without sacrificing productivity, the Glasswall CDR platform ensures every file is safe. 

Glasswall CDR platform is built on flexible and scalable infrastructure, using Compliant Kubernetes so you can spin up CDR clusters to suit your needs. Security hardened and compliance-ready for total peace of mind, so you can be the security team that drives business forward, no matter what’s ahead. Trust every file is safe, no matter how it moves through your organisation. 

 

How it works

The Glasswall CDR Platform instantly cleans and rebuilds files to match its known good manufacturer’s specification – stripping away anything that doesn't conform. This proactive approach automatically removes malware and exploits from files.

Architecture elements & Diagram

  • Workflow cluster
  • Worker cluster
  • Load balancer
  • Monitoring
  • 3 Hard disks (source, evidence and target)
CDR Architecture diagram

 

Flow diagram

CDR Flow Diagram

 

Data mapping

CDR Data mapping

 

Metadata Module

The Metadata_Service class manages the creation and updating of the metadata.json files in the HASH directories on HD2

  • get_metadata - takes the path of the file and creates the JSON object
  • get_from_file - get the JSON object from the metadata.json file in the HASH directory
  • write_metadata_to_file - saves the current JSON object to metadata.jsom file in the HASH directory
  • get_original_file_path - obtains the original file path from metadata in the HASH directory
  • get_status - gets current status stored in the metadate.json file of the HASH directory
  • set_status - updates the status stored in the metadate.json file of the HASH directory

 

PreProcessing Module Flow

Pre-Processing Module Flow

 

Processing Module Flow

  • Iterates through the HASH folders created during pre-processing on HD2

  • For each HASH folder:

    • If the status in metadata is not “INITIAL” does nothing
    • Otherwise:
      • Updates the status in metadata to “IN PROGRESS”
      • Sends the file to be processed
      • Saves the processed file to the corresponding directory in HD3
      • Saves the processing report to the HASH folder
      • Updates the status to “COMPLETED”
  • In Loops ClassLoopHashDirectories function iterates through HASH directories of HD2, for each of the directories, it initiated file processing with a call to processDirectory of the File_Processing class

  • The File_Processing class is accessed with the processDirectory function. The function gets a HASH directory path on HD2 as a parameter and processes it.

 

Components overview

 

Components overview

Offline deployment flow using OVAs

 

Key Benefits  

  • Secure every file in your organization  

  • Easily set your own risk criteria for how files are used in your organisation  

  • Flexible & scalable processing for any file volume

  • Refreshingly easy to deploy

  • Malware protection without agents and heuristics

  • Remove Zero-Day threats from files

  • Maintain integrity of visual and data layers

  • Security at the speed of business: reduce dependency on sandboxing and detonation chambers

  • Massively scalable Kubernetes-based architecture to suit demand

  • Interoperable with other malware protection solutions

Key Features  

  • Cloud-native architecture providing infinite scale on demand  

  • Deployable hubs across your organization to enable CDR workflows across multiple network segments  

  • Open source-based connectors for easy on-premises and cloud integrations  

  • Developer-centric web services with OpenAPI Specification compliant design  

  • Cloud-ready machine images and virtual machine  

  • Out-of-the-box observability and metrics reporting  

  • Typical sub-second parallel file processing  

  • Available on-premises, across all clouds or via dockers 

Use cases

  • Centralized file processing services
  • Bulk file imports
  • Platform migration to cloud
  • Documents and records migration
  • Internal bulk file scanning

Interested in learning more? We’re happy to chat, contact our sales team through:
sales@glasswallsolutions.com 


0 replies

Be the first to reply!

Reply