EaseFilter 文件系統過濾器SDK
- EaseFilter 文件系統過濾器SDK
-
類別資訊資安軟體
-
介紹EaseFilter綜合文件安全SDK是一套文件系統過濾驅動軟體開發包,包括:文件監控過濾驅動、文件訪問控製過濾驅動、透明文件加密過濾驅動、進程過濾驅動和註冊表過濾驅動 。
EaseFilter File System Filter Driver SDK
EaseFilter Comprehensive File Security SDK is a set of file system filter driver software development kit which includes file monitor filter driver, file access control filter driver, transparent file encryption filter driver, process filter driver and registry filter driver. In a single solution, EaseFilter Comprehensive File Security SDK encompasses file security, digital rights management, encryption, file monitoring, file auditing, file tracking, data loss prevention, process monitoring and protection, and system configuration protection. EaseFilter file system filter driver is a kernel-mode component that runs as part of the Windows executive above the file system. The EaseFilter file system filter driver can intercept requests targeted at a file system or another file system filter driver. By intercepting the request before it reaches its intended target, the filter driver can extend or replace functionality provided by the original target of the request. The EaseFilter file system filter driver can log, observe, modify, or even prevent the I/O operations for one or more file systems or file system volumes. A file system filter driver intercepts requests targeted at a file system or another file system filter driver. By intercepting the request before it reaches its intended target, the filter driver can extend or replace functionality provided by the original target of the request. To develop file systems and file system filter drivers, use the Windows Driver Kit(WDK), which is provided by Microsoft. Even with the resources available in the Windows Driver Kit (WDK) developing file systems filter driver is certainly a challenge. To simplify your development and to provide you with a robust and well-tested file system filter driver that works with all versions and patch releases of the Windows operating systems supported by Microsoft, EaseFilter Inc. offers the file system filter driver SDK which provides a complete, modular environment for building active file system filter driver in your application.
File system monitor filter can monitor the file system activities on the fly. With file system monitor filter you can monitor the file activities on file system level, capture file open,create, overwrite, read, write,query file information, set file information, query security information, set security information, file rename, file delete, directory browsing and file close I/O requests. You can develop the software for the following purposes:
- Create your own Continuous data protection (CDP) software to log the file update information, write information with offset and length in real time.
- Audit your file content.You can intercept any file system call, analyze it content, log it.
- Create Access Log, you will know who, when, what files were accessed.
- Journal the file update information. This control may be based on any file parameters, such as its location, type, size, etc.
File system control filter can control the file activities, which you can intercept the file system call, modify its content before or after the request goes down to the file system, allow/deny/cancel its execution based on the filter rule. You can fully control file open/create/overwrite, read/write, query/set file attribute/size/time security information, rename/delete, directory browsing these Io requests. With file system control filter you can developer these kinds of software:
- Create your Data protection Software. Block accessing your data based on your security policy, prevent data modification without permission.
- Create your own encryption software via encrypt the write data and decrypt the read data.
- Create your own custom security policies to control the file access.
- Hide or replace the files in the directory. You can modify the directory buffer to hide some files or change file name.
EaseFilter File system encryption filter driver SDK provides a comprehensive solution for transparent file level encryption. It allows developers to create transparent encryption products which it can encrypt or decrypt files on-the-fly, it can allow only authorized users or processes can access the encrypted files. Supported strong cryptographic algorithm Rijndael is a high security algorithm which was chosen by the National Institute of Standards and Technology (NIST) as the new Advanced Encryption Standard (AES), it can support key length 128-bits,192-bits and 256-bits.
Encrypt the file with 256-bits key,and embed with the digital rights management protection, only the authorized users, processes and computers can access the encrypted file.Share your files with fully control, you can expire or revoke the file access at any time, even after the file has been shared. Add or remove the authorized users, processes and computers at any time.
Monitoring registry calls to track the registry changes. When the registry key, value or security was modified, the callback routine will be invoked with a data structure that contains information that is specific to the type of registry operation. Blocking registry calls to prevent your registry from being changed by unauthorized processes. When the registry key, value or security is going to be modified, the callback routine will be invoked with a data structure that contains information that is specific to the type of registry operation, If a RegistryCallback routine returns a status value "STATUS_ACCESS_DENIED" for a pre-notification, this registry operation will be blocked and the error code will be returned. Modifying registry calls to create virtual registry key or value.
Monitoring the process and thread creation or termination, get the notification of the process and thread operations when you register the events. Prevent the untrusted executable binaries ( malwares) from being launched, protect your data being damaged by the untrusted processes. Process monitor and protector screenshot
A sandbox is a secure, isolated and a tightly controlled environment where programs can be run and data can be protected. Sandboxes restrict what a piece of code can do, giving it just as many, permissions as it needs without adding additional permissions that could be abused. Prevent malicious or malfunctioning programs from running.Run untrusted Windows programs safely in Easefilter Secure Sandbox. Protect your confidential files in Easefilter Secure Sandbox Easefilter Secure Sandbox screenshot
File System Tiered Storage Filter Driver SDK, is a data storage technique which automatically moves data between high-cost and low-cost storage media. Tiered Storage Filter systems exist because high-speed storage devices, such as hard disk drive arrays, are more expensive (per byte stored) than slower devices, such as optical discs and magnetic tape drives. Tiered Storage Filter systems store the bulk of the enterprise’s data on slower devices. A stub is created for and replaces each migrated file in the fast disk drives. On the local system, a stub file looks and act like a regular file. When you or a Windows application accesses a migrated file stub, the Windows operating system transparently directs a file access request to the Tiered Storage Filter driver. This driver retrieves the full file from the repository to which it was migrated.
EaseFilter 文件系統過濾器SDK
EaseFilter綜合文件安全SDK是一套文件系統過濾驅動軟件開發包,包括文件監控過濾驅動、文件訪問控製過濾驅動、透明文件加密過濾驅動、進程過濾驅動和註冊表過濾驅動。在單一解決方案中,EaseFilter 綜合文件安全 SDK 包含文件安全、數字版權管理、加密、文件監控、文件審計、文件跟踪、數據丟失預防、進程監控和保護以及系統配置保護。EaseFilter 文件系統過濾器驅動程序是一個內核模式組件,它作為文件系統之上的 Windows 執行程序的一部分運行。 EaseFilter 文件系統過濾器驅動程序可以攔截針對文件系統或另一個文件系統過濾器驅動程序的請求。 通過在請求到達其預期目標之前攔截請求,過濾器驅動程序可以擴展或替換請求的原始目標提供的功能。 EaseFilter 文件系統過濾器可以記錄、觀察、修改甚至阻止一個或多個文件系統或文件系統卷的 I/O 操作。 文件系統過濾器驅動程序攔截針對文件的請求系統或其他文件系統過濾器驅動程序。通過攔截在請求到達其預期目標之前,過濾器驅動程序可以擴展或替換原始目標提供的功能要求。 要開發文件系統和文件系統過濾器驅動程序,請使用 Microsoft 提供的 Windows 驅動程序工具包 (WDK)。 即使 Windows 驅動程序工具包 (WDK) 開發中可用的資源文件系統過濾驅動肯定是一個挑戰。為了簡化您的開發並為您提供強大且經過良好測試的文件適用於所有版本和更新版本的系統過濾器驅動於 Microsoft 支持的 Windows 操作系統中,EaseFilter Inc. 提供文件系統過濾器驅動程序 SDK,它提供了一個用於構建活動文件系統過濾器的完整模塊化環境應用程序中的驅動程序。
文件系統監視器過濾器可以動態監視文件系統活動。使用文件系統監視器過濾器,您可以監視文件系統級別的文件活動,捕獲文件打開,創建,覆蓋,讀取,寫入,查詢文件信息,設置文件信息,查詢安全信息,設置安全信息,文件重命名,文件刪除,目錄瀏覽和文件關閉 I/O 請求。您可以出於以下目的開發軟件:
- 創建您自己的持續數據保護 (CDP) 軟件來記錄文件更新信息,實時寫入帶有偏移量和長度的信息。
- 審核你的文件內容。你可以攔截任何文件系統調用,分析它的內容,記錄它。
- 創建訪問日誌,您將知道誰在何時訪問了哪些文件。
- 記錄文件更新訊息。該控制可以基於任何文件參數,例如其位置、類型、大小等。
文件系統控製過濾器可以控製文件活動,您可以攔截文件系統調用,在請求進入文件系統之前或之後修改其內容,根據過濾規則允許/拒絕/取消其執行。 您可以完全控製文件打開/創建/覆蓋、讀/寫、查詢/設置文件屬性/大小/時間安全信息、重命名/刪除、目錄瀏覽這些 Io 請求。 使用文件系統控製過濾器,您可以開發以下類型的軟件:
- 創建您的數據保護軟體。根據您的安全政策阻止未經許可的訪問及阻止未經許可的數據竄改。
- 通過加密寫入數據和解密讀取數據創建自己的加密軟件。
- 創建您自定義的安全策略以控製文件訪問。
- 隱藏或替換目錄中的文件。您可以修改目錄緩衝區以隱藏某些文件或更改文件名。
EaseFilter 文件系統加密過濾驅動 SDK 為透明文件級加密提供了全面的解決方案。它允許開發人員創建透明的加密產品,它可以即時加密或解密文件,它只允許授權用戶或進程可以訪問加密文件。支持的強加密算法 Rijndael 是美國國家標準與技術研究院 (NIST) 選擇的一種高安全性算法,作為新的高級加密標準 (AES),它可以支持 128 bits、192 bits和256 bits的密鑰長度。
使用256位密鑰加密文件,並嵌入數位版權管理保護,只有授權用戶、程式和電腦才能訪問加密文件。完全控制您共享的文件,即使文件已被共享,您也可以隨時撤銷文件訪問權限並且隨時添加或刪除授權用戶、程式和計算機。
監視註冊表調用以跟踪註冊表更改。當註冊表項、值或安全性被修改時,將使用包含特定於註冊表操作類型的信息的數據結構調用回調例程。阻止註冊表調用以防止您的註冊表被未經授權的程式更改。當要修改註冊表項、值或安全性時,將使用包含特定於註冊表操作類型的信息的數據結構調用回調例程。如果 RegistryCallback 例程返回狀態值“STATUS_ACCESS_DENIED” 對於預先通知,將阻止此註冊表操作並返回錯誤代碼。修改註冊表調用以創建虛擬註冊表項或值。
監控進程和線程的創建或終止,在註冊事件時獲取進程和線程操作的通知。 防止啟動不受信任的可執行二進製文件(惡意軟件),保護您的數據被不受信任的進程損壞。 進程監視器和保護程序截圖
沙盒是一個安全、隔離和嚴格控制的環境,可以在其中運行程序並保護數據。 沙盒限制了一段代碼可以做什麼,根據需要為其提供盡可能多的權限,而不會添加可能被濫用的額外權限。 防止惡意程序或故障程序運行。在 Easefilter 安全沙箱中安全地運行不受信任的 Windows 程序。 在 Easefilter Secure Sandbox 中保護您的機密文件 Easefilter Secure Sandbox screenshot
File System Tiered Storage Filter Driver SDK,是一種數據存儲技術,可以自動在高成本和低成本存儲介質之間移動數據。分層存儲過濾系統的存在是因為高速存儲設備(如硬盤驅動器陣列)比較慢的設備(如光盤和磁帶驅動器)更昂貴(每字節存儲)。分層存儲過濾系統將企業的大部分數據存儲在速度較慢的設備上。為快速磁盤驅動器中的每個遷移文件創建並替換存根。在本地系統上,存根文件的外觀和行為類似於常規文件。當您或 Windows 應用程序訪問遷移的文件存根時,Windows 操作系統會透明地將文件訪問請求定向到分層存儲過濾器驅動程序。此驅動程序從它遷移到的存儲庫中檢索完整文件。
goPatrol
goPatrol為SECWARD繼文件加密軟體TotalFileGuard後,所推出的新世代系統。沿襲TotalFileGuard保護文件及高度彈性的特質,擴大五個面向的資料流向監測機制,以提早示警及提高舉證效力,包括: 軟體與裝置異動自動偵測、文件列印實體與虛擬輸出、資料透過網路傳送、外接裝置的文件 存取、文件歷程保全、及綜合告警。 goPatrol會按預先擬定的對策,自動檢測異常的行為,並將可疑行為的各種輸出管道(包括:外接儲存裝置、網路傳輸、即時通訊、遠端桌面、遠端遙控...等)進行追 蹤 及記錄。即使用戶端 發生有意或無意的文件破壞操作,都可以讓被滅失的文件快速的呈現及復原。
Xmanager 7 遠端連結軟體
Xmanager 是一款功能強大且易於使用的 PC X 服務器,可在 Windows 平台上運行。 它允許您將遠程 Unix/Linux 桌面無縫連接到您的 Windows PC。 您還可以通過 SSH(安全外殼)協議安全地運行遠程 X 應用程序,即使您的 Windows PC 位於專用網絡中並且防火牆位於您的 PC 和遠程服務器之間。
Dynamic Data Protection 數據保護軟體
Prepare for the next level in user and data security with Forcepoint Dynamic Data Protection. Significantly reduce time to discovery, holistic forensic investigations, and alert burdens caused by false positives, allowing you to quickly respond to risk while maintaining optimum business efficiencies.