Digital transformation and expanding collaboration in the workplace put growing demands on shared storage systems. At the same time, increasingly sophisticated and prolific cyberthreats dictate the need for reliable storage security - for example, to prevent infected files from spreading across the organization and beyond. Bitdefender GravityZone Security for Storage delivers best-in-class real-time protection for Citrix ShareFile.
HOW IT WORKS
The GravityZone Control Center acts as a central management console for Security for Storage (and complementary Bitdefender solutions). One or more GravityZone Security Virtual Appliances (SVA) perform the role of ICAP server(s) providing antimalware-analysis services to Network-Attached Storage (NAS) and file-sharing solutions compliant with the Internet Content Adaptation Protocol (ICAP, as defined in RFC 3507), such as Citrix ShareFile.
When a user requests to open, read, write, or close a file from a laptop, workstation, mobile, or other device, the ICAP client (a NAS or file-sharing system) determines, based on policy, whether the file requires anti-malware scanning. If a scan is needed, the ICAP client sends the request to the SVA, which analyses the file and returns a verdict to the storage system. Depending on configuration, the SVA can also take policy-driven action, such as disinfecting a file deemed malicious. If the file is clean or disinfected, the storage system allows the user to access it. If the file is unsafe, access is prohibited (dependent of the capabilities of the NAS or file-sharing system vendor). In addition to on-access scanning, you can use Security for Storage to scan archives.
Bitdefender’s security technology is trusted by over 500 million users in 150 countries. GravityZone Security for Storage leverages this know-how to provide multiple layers of defense (including machine learning, heuristics, signatures, and cloud lookup) against known and unknown file-based infections that may be part of zero-day or advanced attacks.
GravityZone’s web-scale, modular architecture lets you add a virtually unlimited number of ICAP servers (SVAs) on demand to support the increasing number of scan requests as your organization’s workforce and data grow.
You can administer Security for Storage from the same central console as other GravityZone solutions, making it fast to deploy and easy to manage. Plus, system and threat-detection algorithms upgrade automatically, so they require no effort from you and will not disrupt your end-users. Security for Storage is highly configurable, allowing you to easily define policies and exclusions, set up default action for infected files, create custom reports, and trigger real-time malware-detection notifications to match your organization’s requirements.
Security for Storage has been validated with Nutanix® Acropolis File System (AFS) and Citrix® ShareFile, and it supports ICAP-compliant NAS solutions by Dell, EMC, IBM, Hitachi, HPE, Oracle, and others. If you have a variety of ICAP-compatible devices in your organization, GravityZone can protect your multi-vendor NAS estate from the same deployment, helping reduce the cost of storage-security infrastructure.
The redundant design of the GravityZone platform (including multiple instances of its database, communication, or web servers) ensures its intrinsic resilience. Policy-based load balancing across SVAs eliminates single points of failure at the system level, ensuring uninterrupted security and high availability (configured and controlled by the ICAP client system.)