PORTFOLIO

The EDS Content Verification Suite has been developed to meet the emerging security needs for content type enforcement. Flexibility, extensibility and environment integration are key architectural features. Aimed to meet the security requirements of a market which demands the highest levels of security and integrity.

Overview
The EDS CV Suite technology offers an extensible framework architecture which provides an enablement platform for bespoke filter development. This provides support for the ever changing needs of this fast growing sector of the security market.

The EDS CV capability is ideally placed for both specialist niche scenarios as well as wider market opportunities. Focused, and deployed initially in the UK Defence marketplace, the technology seeks to track upcoming standards of CV product assurance from UK government security and information assurance agencies.

The CV Suite's out of the box support and adaptability means the technology is deployable in a wide spectrum of markets, including: military, government, financial and commercial sectors.

Threats

• Accidental confidential information leakage
• Metadata leakage
• Unauthorized export of confidential information
• Skilled engineering attacks using file impersonation (masquerading files)
• Malicious scripting

The Content Verification Suite is used within the EDS Multi-Protocol Gateway to offer enhanced policy enforcement over many protocols, such as: X.400, SMTP (MIME/SMIME), ACP145, STANAG 4406 and FTP.

Many file types offer the ability to attach or embed content within themselves; typically this is seen with archive based file formats but is also possible within document formats such as PDF. Compound Documents are a prime example of this and the best examples can be seen in the Microsoft Office family of products.

These file formats allow other files, and object types, to be embedded within a root storage document. The Content Verifier must ensure that each embedded object is permitted within the parent document and is in turn permitted in-line with the current configuration policy in force.

The Content Verification scan engine is a fully recursive checker which can scan within compound documents, and other supported file types which enable attachment and embedding of other content.

The framework is fully customisable and allows custom filters to be added for file and text based scanning.

The Content Verification engine enforces a configurable policy file which offers fine grained control. It is possible to configure which file types are to be allowed and disallowed as well as offering the ability to configure which types should be permitted within other types.

Settings also exist for enhanced configurability. Examples of this are options for maximum compression ratios on archives, maximum message body for email and the maximum file recursion depth before a file is considered malicious.
The CV engine will fail safe and block any content that it cannot determine or is not configured within the policy file.