The Secure ICAP Gateway (SIG) adds significant data security assurances and value to MFT through its threat protection, deep content inspection engine, adaptive data redaction, and flexible policy settings, while GoAnywhere MFT makes defining, managing, and securing files at rest and in motion easier.
One common use case:
- GoAnywhere securely transfers attachments between employees or trading partners.
- The ICAP only intercepts content when threat protection and data loss prevention requirements exist.
- ICAP runs rule set (keywords search, executable renaming, script removal, etc.)
- If the content cannot be sanitised, the transmission is allowed and continues.
- If the content can be sanitised, the transmission is blocked.
Additional features you can add to your file transfer process are structural sanitisation, document sanitisation, data redaction, anti-steganography, and optical character recognition. Adding the security features within ICAP helps you get the best and most thorough security for file transfers.
Deep Content Inspection
A deep content inspection (DCI) engine fully disassembles the communication flow in real time and applies the appropriate policy depending the content, context and required regulation policy. A context-aware scanning capability helps detect and prevent scenarios where users try to upload documents containing Intellectual Property for example to Shadow IT websites or cloud file sharing apps such as Dropbox.
The DCI engine also offers true-file type detection and file structure verification to prevent executable files from being downloaded.
Rather than block content flowing through the Secure ICAP Gateway, unique Adaptive Redaction features sanitise sensitive or critical data in Microsoft Office, Open Office, PDF and image files in real time, keeping them safe and secure.
Data Redaction: Sensitive data or critical information is automatically removed from documents and images. Text in images is identified using Optical Character Recognition (OCR).
Document and Image Sanitisation: Metadata, change history and properties are removed from files.
Structural Sanitisation: Active code (macros, scripts and Active/X) is removed from common document formats.
ICAP for Antivirus and DLP
To prevent viruses, malware and other malicious content from entering your organisation, GoAnywhere MFT can integrate with antivirus solutions using the standard ICAP protocol. When a new file is uploaded to GoAnywhere MFT, the file contents can be sent to the antivirus software for scanning. If malicious content is found, GoAnywhere MFT can quarantine or delete the file, and then send an email alert to an administrator.
Data Loss Prevention (DLP) in GoAnywhere MFT
GoAnywhere MFT can send files to a DLP solution over the ICAP protocol to inspect the contents for sensitive information such as credit card numbers, personally identifiable information (PII) and health care information. The DLP solution will instruct GoAnywhere MFT on whether or not to proceed with the file transfer. For example, before files are sent to a trading partner through Secure Mail or SFTP, a Project in GoAnywhere MFT can scan the file for sensitive information. If the file contents are cleared, the transfer will occur as normal. If the file contents are deemed sensitive and blocked by the DLP solution, GoAnywhere MFT can alert administrators and deny the file transfer from occurring.
Combine Clearswift and MFT for Ultimate Security in File Transfers!