Content Integrity Control

Globalscape EFT secures, manages, and tracks data transferred between people and applications both inside and outside your organization. To help you protect this data, Globalscape EFT offers Content Integrity Control (CIC) to replace all of the antivirus/Data Loss Prevention (DLP) agents installed on desktops. No more multi-seat licensing fees or pushing antivirus updates to every desktop in your organization. Having an agent on every desktop is expensive to license, deploy, and maintain. Stopping the file before it gets to the desktop saves IT’s time in hunting down and eliminating the spread of a virus. In the case of DLP, EFT can identify files that have proprietary or protected information before they leave the organization, instead of after the fact.

Control What Gets Through

CIC integrates with virus scanners and DLP tools to permit or prevent file transfers based on your organization’s policies, and supports compliance with PCI DSS. With CIC, you won’t expose your network to files containing malware, or share confidential or proprietary information.

When the CIC Action is added to an Event Rule, any file that triggers the Event Rule is sent to a content inspection server (antivirus scanner or DLP solution) for scanning.

  • If the file passes the scan, other actions can occur, such as moving the file to another location.
  • If the file fails the scan, Event Rule processing can stop, or other Actions can occur, such as sending an email notification and moving the file to a quarantine folder.

Multiple CIC profiles can be created on the server to send files to different solutions, or to look for different ICAP status codes or text in the ICAP header or body. Then you can add the predefined profile to one or more Event Rules. The results can be captured in a predefined CIC report or your own custom reports in the Auditing and Reporting module database.

Fully Integrated Content Control

Integrating the task of processing into EFT allows you to audit these occurrences and ensure files are properly handled before being visible to the rest of the organization. Configure the CIC connection to the antivirus or DLP server in reusable “profiles” one time, and then insert the profile in any Event Rule that can trigger upon inspection of files uploaded to or downloaded from EFT. Subsequent actions can occur based on inspection results, including sending email notifications, moving the file to a quarantine folder, or allowing the file to continue to its destination.

Generate Reports Of All CIC Activity

Many antivirus and DLP servers offer reporting, but they are often weak on details. In Globalscape EFT, all actions are tracked in a log file and in the database, allowing you to generate reports of all transfers and CIC activity. A predefined CIC report is installed, and you can customize it with other information that is captured in the database. Additionally, EFT’s Status Viewer allows you to view transfers in real time.

Supported Antivirus and DLP Servers

CIC uses the ICAP protocol, the industry standard for antivirus and DLP servers. Any third-party content inspection product that supports ICAP can communicate with CIC . CIC is compatible with the following antivirus and DLP servers:


Antivirus:

  • Sophos
  • Avira

DLP:

  • Clearswift
  • Broadcom (formerly Symantec)
  • Forcepoint (formerly Websense)
  • McAfee
  • And others