You might find it useful to subscribe to a product forum.
When setting up a content management policy make sure you add a list of file types you want to be set on hold to prevent them from harming your system Here is the list of potentially malicious file types. There are four main sections: Programs .EXE – An executable program file. Most of the applications running on Windows are .exe files. .PIF – A program information file for MS-DOS programs. While .PIF files aren’t supposed to contain executable code, Windows will treat .PIFs the same as .EXE files if they contain executable code. .APPLICATION – An application installer deployed with Microsoft’s ClickOnce technology. .GADGET – A gadget file for the Windows desktop gadget technology introduced in Windows Vista. .MSI – A Microsoft installer file. These install other applications on your computer, although applications can also be installed by .exe files. .MSP – A Windows installer patch file. Used to patch applications deployed with .MSI files. .COM – The original type of pro
Archive Support The Archive Support functionality adds value by providing you with the reassurance and confidence to safely receive archive files. Archive Support: Features This feature leverages our existing patented CDR technology to clean and rebuild multiple documents in an archive file to match their known good manufacturer’s standard. The file types that are supported are Zip, Tar, GZip, 7Zip, and Rar. Some Archive file types cannot be rebuilt into the same file type; for these, the replacement file types are also shown below: Incoming File Type Rebuilt File Type Zip Zip Tar Tar GZip GZip 7Zip Zip Rar Zip How does it work and how can I help test? Create an archive file and send it to your domain email address. You can
Users receive files on their work computers in a variety of ways. Use the Glasswall Desktop app to automatically remove potential threats from files (including threats AV software hasn’t detected yet).The Glasswall Desktop app gives users the ability to drag and drop files from the outside world into the Glasswall CDR Platform – so they’re free to use files without risk.How it worksThe Glasswall Desktop App uses the patented Glasswall CDR Platform to inspect, clean and rebuild every file to its known good state in real-time–proactively protecting your organization against the most persistent and complex file-based threats.Follow the article in the link below for more information on how to download and install Glasswall Desktop App: https://glasswall-desktop.com/ Architecture DiagramGW Desktop ArchitectureKey BenefitsEnable users to work risk-free with any file received outside your organization Instantly disarm threats in files from unknown sources (e.g. a customer’s USB drive) Users g
Glasswall Web App gives users the freedom to work with files risk-free across their devices by simply drag and drop files from the outside world and instantly remove potential threats – even the ones AV solutions haven’t detected yet. How it worksThe Glasswall Web App uses the patented Glasswall CDR Platform to inspect, clean and rebuild every file to its known good state in real-time–proactively protecting your organization against the most persistent and complex file-based threats. Follow the article in the link below to test drive Glasswall Web app: https://www.glasswallsolutions.com/test-drive/Architecture diagramGlasswall Web App Architecture diagram Data Flow diagramGlasswall Web App Data Flow diagram Demo VideoKey benefitsEnable users to work risk-free with any file received outside your organization Instantly disarm threats in files from unknown sources (e.g. a customer’s USB drive) Give users immediate feedback on identified risks in a file and how it was removed Both original
Glasswall CDR Platform Unlike traditional detection-based security methods that play catch up with new threats, Glasswall’s CDR (Content, Disarm & Reconstruction) technology instantly cleans and rebuilds every file to match its ‘known good’ industry specifications, to remove potential malware. Without sacrificing productivity, the Glasswall CDR platform ensures every file is safe. Glasswall CDR platform is built on flexible and scalable infrastructure using Compliant Kubernetes, so you can spin up CDR clusters to suit your needs. Our platform is security hardened and compliance-ready for total peace of mind, so you can be the security team that drives business forward, no matter what’s ahead.Why Glasswall CDR? Ensure every file entering your organization is safe. Easily set your own risk criteria for how files are used in your organization. Flexible & scalable processing for any file volume. It’s refreshingly easy to deploy. Protect your organisation from malware wit
Proxy Servers or Application Delivery Controllers are standard elements within the network to separate trust boundaries. Network appliances that support the Internet Content Adaptation Protocol (ICAP) are used to provide an industry standard way to support transparent SSL inspection to disarm and rebuild dangerous files by Glasswass CDR.How it worksUsing the Glasswall ICAP Plug-in files are processed by Glasswall CDR Platform with millisecond speed and returned free from threats so they can be safely opened and viewed by the user. Architecture OverviewImplemented as a K8s service Easy to deploy within ICAP Service cluster Interacts with Adaptation Service with RabbitMQ Accessible on : http/80 & https/443Architecture DiagramThe C# service receives files for a rebuild on the REST API endpoints. After preliminary processing (at least must verify the file has been received), the request is passed to the Adaption Service with Adaption request RabbitMQ message. The file to be reb
The Glasswall Cross Domain Plug-in removes potential threats from files crossing multiple domains in and out of private or public networks. The Plug-in mediates the flow of files from a source location (e.g. Dropbox) onto the Glasswall CDR Platform which instantly cleans and rebuilds files to match their known good manufacturer's specification – then places the safe file to a destination location which is typically in a higher trust zone. How it worksCDR implementations can be chained together, as they span different domains to ensure that the process is double-blind. Files are processed in dedicated Kubernetes Pods and Containers which are destroyed once a sanitized file is emitted, ensuring the integrity of the environment. Key benefitsGlasswall CDR platform is context agnostic about how the Cross Domain air-gap is established Multiple connectors available to define how the Cross Domain Plug-in communicates with storage repositories before passing the file to the Glasswall CDR Plat
Microsoft 365 and SharePoint subscribers rely on these servers for collaboration across internal and external teams. These dynamic environments increase security risks–especially when opened to external parties.Glasswall SharePoint Plug-in secures collaboration with proactive file protection that guards against malicious links and other unknown threats enabling you to reduce risk while increasing productivity.How it worksThe Glasswall Sharepoint Plug-in uses the patented Glasswall CDR Platform to inspect, clean and rebuild every file to its known good state in real-time–proactively protecting your organization against the most persistent and complex file-based threats. Glasswall Sharepoint Plug-in ServerGlasswall Sharepoint Plug-in Server Glasswall Sharepoint Plug-in OnlineGlasswall Sharepoint Plug-in OnlineSequence Diagram Key benefitsScalable, secure threat removal and data loss prevention Threat protection and data loss prevention that goes beyond standard antivirus solutions Stop i
Glasswall is seeking you insights on which cloud storage platforms are valuable to you. This input will guide our prioritisation of work to integrate with and support these platforms. Please complete this very quick (1 minute) survey question to have your say https://www.proprofs.com/survey/t/?title=pgbiz Of course are also happy to hear from you if you want to respond in the community forum here or ask any questions about this. Thanks from the Glasswall Customer Team
We are always looking at improvements for our product and the service we can give to our customers. We are looking at 2 solutions for customers to have their say over. If there is a delay or a fault our engineers will be hard at work to get the systems back up and running, The 2 solutions we are working on for your continued service are the below, these will run parallel together so if queuing after 1 hour the delay is not resolved this will bypass Glasswall and emails will go straight to the recipient. Service bypass - Service will bypass Glasswall and emails/attachments will be sent to the recipient without Glasswall involvement until the incident has been resolved. This can be completed on our system so there will be no involvement needed by the customer and a report will be sent to cover the time the system was down and Glasswall can supply and attachments you wish to be rebuilt and sent directly to you during the downtime. Message queuing - We also have an option to queue emails f
Glasswall SDK Release Notes [Latest V1.308.0] Here you can read about changes to the latest version of the Glasswall SDK. Each new version includes bug fixes and stability improvements to deliver you the best Glasswall experience.Our engineers are constantly working to improve the functionality of our product, enabling it to respond to the increasing demands of modern businesses, expanding the supported file type list, and updating it to reflect the latest file specifications. We value customer feedback, which you can contribute as a member of our community here. For more information, please contact Glasswall Support. V1.308.0 General RemarksThis release contains bugs and performance fixes. Critical FixesMemory to memory no longer regenerates files that file to file and file to memory reject.PDF: Export crashes are now fixed, blank PDF post process no longer occurs.Other FixesXLSX: Drawing shapes no longer causer repair notifications. DOC: Files no longer failing without issues bei
This article gives you detailed instructions how to download Evaluation versions of SDK Rebuild and Editor within a Docker container .You can download or view instructions in a PDF file below. Follow instructions carefully and you should be successful. Documentation: https://docs.glasswallsolutions.comLog a support ticket: https://glasswall.atlassian.net/servicedesk/customer/portals
Analysis and Protect mode Glasswall Rebuild's unique patented approach provides the reassurance of total document security within normally communicated documents. This is achieved principally using a patented regeneration capability whereby only known good data is allowed to be generated to a sanitized, safe file.The engine has two broad modes of operation:Analysis: Provides a detailed report highlighting content that is contained within a file is shown Protect: File is analyzed and a safe, substitute copy is made.The Analysis mode enables the content of documents to be assessed with an XML report generated to summarise the non-conformances and potential threats. The Protect mode addresses the issues that are identified, returning an updated document with the remedies and sanitization changes necessary to remove threats within the original document.You can select mode by changing process mode in config file, 0 Analysis and 1 for Protect : Analysis Mode OverviewIn Analysis Mode a file-
File types supported by SDK Rebuild The table below lists the file formats fully supported by Glasswall Rebuild. 'Fully supported' means that the files are subject to inspection at a very low level. The table below lists the file formats partially supported by Glasswall Rebuild. 'Partially supported' means that the files are subject to inspection at a high level. Supported File SizesGlasswall Rebuild provides 64-bit version of a Dynamic-link Libraries (.DLL) for Windows and/or Shared Objects (.so) for Linux operating systems that can analyse and protect files up to the size of 2 GB (2^30 bytes) provided that other internal limits (such as recursion depth) are satisfied. PDFProcessing Specific to PDF in Protect ModePDF is the only file type that allows for an optional watermark to be added to the regenerated file. The watermark is a maximum of 20 (ASCII) characters and is added to the top right hand corner of each page of the regenerated file.Specification Validated AgainstPDF Refer
Glasswall mail service Policy allows users to create a unique set of rules for your account. This means that you can fully customize the way that this service is running. This can be very useful when working in a dynamic environment. There are two major categories of rules. First one is dealing with what is to be done with a specific type of files. For example, all incoming word documents are to be clear of macros and the second major category is to set a rule based on sender and recipient address. For example, all incoming mail from sender X containing word document is allowed to have macros. Also, there are 3 policy categories regarding the time when the policy was or will be used: previous, current and draft policy. All rules and groups are created in the file trust administrator portal. https://portal.filetrust.io/ When setting up Policy first thing to do is to set up the main policy in regarding file type.This will allow you to create a unique rule for each file ty
Bounce Back’s In The Transaction Logs You may see bouncebacks appearing in the transaction logs which may acquire when going live after the policy set up, even during configuration mode. They may not need to be action taken, check the following: Is the address’s non-reply address? Does the sender address have a relay endpoint? This may be for an example a news letter which does not require a reply and when the email is processed through the Glasswall engine the engine can not resolve the sender's address.
How to Add an Exception for a Large File Glasswall Email Security allows any file up to 50MB through by default. However, if a file exceeds that size you will see the following alert: Warning: FileTrust Email - A tenants email has been bounced. on aks-cluster:uksprod1,message:the_received_message_of_52718694_bytes_exceeds_max_message_size_of_52428800_bytes.,tenant_name:companynameAn email has been bounced:- Tenant: companyname- Cluster: clustername- Reason: the_received_message_of_52718694_bytes_exceeds_max_message_size_of_52428800_bytes. Fortunately, there is a way we can implement an exception for those files so that they are not relayed through, via the Glasswall Portal.The changes are made via the Exchange Admin by adding an exception for files larger than 50MB, as shown below.
We have found there can be an issue with forwarding calendar/ meeting invites from users from outside our domain or organization. We have found that if you add the below exception to your existing O365 transport rule this will allow the calendar/meeting invites to pass through without an issue.This can work for Teams, Google Meet, Zoom and so on. Please let us know if this article has helped
This topic explains how to configure Google G Suite Child Organization unit so that inbound (external) email processed by FileTrust prior to delivering email to recipients within your organization only applies to specific users. FileTrust configuration will only be applied to the users under Child Organization instead of the whole Organization.How to:Sign in to your Google Admin console. From the Admin console Home page, go to Menu > Directory > Organizational units. Hover over the organization you want to modify and click Create new organizational unit. Enter a name under Name of Child organizational unit and description. Assign users to the Child Organization unit, go to Menu > Directory > Users. Hover over the users to assign into the Child Organization > Select More > Change Organization Google G Suite Integration:When configuring the Content Compliance Rules under Advanced Settings Select the Child Organization Unit you created above to apply FileTrust
Create a Linux Environment on Windows 10 Platform To install a Linux terminal on your desktop using the Windows 10 environment:Navigate to Windows Update & Security and set it to Developer mode. Next, navigate to Control Panel > All Control Panel Items > Programs and Features and select Turn Windows features on or off. Next, ensure Windows Subsystem for Linux is selected, and click OK. Windows will now download and push an update. This requires a system reboot.Once the updates are complete, download and install Ubuntu from the Microsoft Store.Note: When you start Ubuntu, a black screen is displayed while it installs. Once installation is complete, create a new username and password.Once setup is complete, enter pwd to see your current location. Type ls –la to list files in current folder. To be able to have access to windows files and folders you need to find your mount point by typing ls /mnt/. Note: the screenshot below displays the C and E drives. Now we move to
Scenario Two O365 domains, two Glasswall Tenancy’s unable to send mail between the 2 tenancies.This organisation are running 2 Glasswall rebuild for email tenancy’s where they can receive and send email but not between each other. The organisation were currently using Orgaisation connectors so the flow of mail on the return would not return to the recipient but cause a loop back to the original starting point. In this secenraio the client is currently using mimecast, as a lot of organisations use 3rd party software this could be related to a set up you may have?You can see on the images below:Organisation connectorsWith the upgrade to Partner connectors this then improved the mail return back to the recipient and stopped the loop back to the original starting point. As the Organisation has 2 O365 set ups, the organisation connectors does not reconises the O365 being in the same EOP forest which causes the loop.once the connectors are upgraded this improves the mail flow and send the jo
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.