Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 5 replies
  • Subscribers 5 subscribers
  • Views 10313 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

SafeGuard Enterprise Integration

Tommas

I am a vendor who is trying to integrate the Sophos product
with ours. We have a Data Discovery Suite, that crawls the cloud we provided
the customer, and other UNC or NFS mount paths, and indexes the files for
e-discovery.

The Sophos customer is just starting to deploy you product,
and we are trying to figure out how our indexing engine can de-crypt files when
it encounters them for indexing.

Is there an API for the client side we can use? They said
they will have a “GOD” key that our equipment can use.

Any other integration tools?

:26241


This thread was automatically locked due to age.
  • 0
    I can see potential issues with this already. There's the easy way and the do it yourself way. The easy way to is have a service that runs as an interactive desktop user on a dedicated machine that talks to the clients sophos server down the file that is authorized to decrypt the document, script a batch job to decrypt and copy the files to your own server. This may require a dedicated machine on their domain depending on how everything is configured, and their network is set up, maybe a VPN tunnel or if the have their SSL communication ports open you can do so over the net directly. There's probably protections built into safeguard to prevent you from just automatically importing a cert and encryption key for a specific user, I imagine there's more to it than that. A developer would have to chime in on that one.
    :26359
  • 0

    Thanks Joel, our appliance runs on some version of open Linux ( I will find out specifically).

    I assume we could run the client on that, are there any pre-requisites you could envision?

    :26393
  • 0

    Officially Sophos does NOT have a linux version, they may be working on one however any information would probably be disclosed by a Sophos engineer under NDA.

    Embedded appliance integration REALLY requires doing whatever is required to have Sophos as an integration partner, this isn't a "just buy this, do this to get this to work".

    It might be possible to engineer something if you can get the customer to extract the certs and encryption key the file was encrypted with and you have some encryption gurus, and you have an NDA with the required documentation and consulting from a Sophos Engineer.  That would be key to getting that to work.

    As a backup option I would also suggest setting up an independant vmware player appliance to run on a server (or can be used with ESX if the customer has it) that can decrypt, and your device should moniter, manage, the VM, as well as control push/pull.  This would essentially create a "staging area" to use for encryption/decryption.  I've scene a number of companies use a pre-fabircated VM on a customers server (or your own) as a staging area for embedded linux appliance file transfers.  This two stage process could also do stuff like verify file integrity at both locations in cases of shakey internet connections or broket fiel transfer pipes, heavy packet loss, and other tasks like enforce signing and cert checking, have a deticated VPN tunnel, etc, to make sure the route and file transfers from said VM are secured sense you are decrypting before transport.  Some companies doing encrypted cloud backup integration are using this method to aboid windows to linux integration issues on the customers side.

    :26451
  • 0

    Hi Tommas,

    once the files from you/our customer become encrypted in the cloud, the e-discovery solution might no longer work. I guess what we need to get this running would be a dedicated machine, installed with SafeGuard Enterprise Cloud Storage module that is aware of the keys that are used to encrypt the files in the cloud + an instance of your Data Discovery Suite.

    As our SafeGuard Client (more specific, the Cloud Storage module) is only available for Windows platforms and your Data Discovery Suite is based on Linux, we might have some kind of dead lock situation that can - if at all - only be solved in a project based solution.
     

    Unfortunately, this is nothing that will work out of the box.

    Cheers,

    Chris

    :26581
  • 0

    Thanks Chris, your are exactly correct, that is the issue. We have one of our corporate teams now engaged, hopefully they will be able to get some Sophos help with this. I would assume being a Technical Partner would take care of that, but I'm not sure thats the path they are going to take,

    Thanks Again.

    ~Thomas

    :26583
Unfiltered HTML