Glasswall ICAP Plug-in


Proxy Servers or Application Delivery Controllers are standard elements within the network to separate trust boundaries. Network appliances that support the Internet Content Adaptation Protocol (ICAP) are used to provide an industry standard way to support transparent SSL inspection to disarm and rebuild dangerous files by Glasswass CDR.

How it works

Using the Glasswall ICAP Plug-in files are processed by Glasswall CDR Platform with millisecond speed and returned free from threats so they can be safely opened and viewed by the user.

 

 


 

 

 

 

 

 

 

Architecture Overview

  • Implemented as a K8s service
  • Easy to deploy within ICAP Service cluster
  • Interacts with Adaptation Service with RabbitMQ
  • Accessible on : http/80 & https/443

Architecture Diagram

  • The C# service receives files for a rebuild on the REST API endpoints.
  • After preliminary processing (at least must verify the file has been received), the request is passed to the Adaption Service with Adaption request RabbitMQ message.
  • The file to be rebuilt is uploaded to the Original Store.
  • Once the processing is completed, C# service gets informed with a RabbitMQ Adaption outcome message.
  • C# service get the rebuilt file from the Rebuild Store and passes it to the user.

 

Key benefits

  • Leverage existing Proxy Server to remove threats from files which ingress or egress between trust boundaries without requiring user action or co-operation
  • Apply CDR policies to web traffic that ensures your business and users are protected, while maintaining business continuity
  • Industry standard implementation of Internet Content Adaptation Protocol (ICAP) to work with Proxy Servers to yield industrial strength protection for users

Key features

  • CDR protection provided to file transfer with only millisecond latency
  • Analysis of files injected from transparent SSL inspection is directed to an open architecture
  • Kubernetes deployment to provide burstable speed and scaling as web and user traffic increases
  • Returned files are visually identical to the original file
  • Ability to disable HTML links in files to protect users from social engineering attacks that may appear from legitimate file origins
  • Files are rebuilt to a standard format, reducing risk against the most sophisticated attacks
  • Secures web traffic, without prescribing how a user archieves their day-to-day business goals

Use Cases

  • Cross Domain Solution where files are in transit across trust boundaries
  • Safety net for users opening files from seemingly trustworthy URLs
  • Inline security with either a forward or reverse proxy workflow
  • Where file sandboxes or denotation chambers degrade user experience to become unworkable

Interested in learning more? We’re happy to chat, contact our sales team through:
sales@glasswallsolutions.com 


0 replies

Be the first to reply!

Reply