QUICK START GUIDE

Let’s get hands on with Glasswall’s award-winning d-FIRST core engine.

Experience the power of CDR.

I have some great news for you, evaluation versions of Glasswall’s SDKs are now available as Docker containers on GitHub. If you have ever wanted to process files through Glasswall’s award winning d-FIRST engine or are stumbling upon this just now, by simply pulling down our docker files, you can be up and running within minutes. Process files from a local input directory and output protected files along with detailed analysis reports.

What is d-FIRST?

https://www.glasswallsolutions.com/

Glasswall’s deep-file inspection remediation and sanitisation technology (d-FIRST) creates safe, clean and visually identical files, mitigating the risk posed by malicious documents. Rather than trying to detect dangerous content, Glasswall regenerates all files to a safe standard of ‘known good’, enforcing the format’s structural specification and eradicating high-risk active content. Glasswall is a proactive solution. At no point is a signature, an understanding of bad behaviour or detection needed.

Gartner terms this technology Content Disarm and Reconstruction (CDR). ‘This near-real-time process is an effective and efficient approach to removing malware and exploits from files. Although sandboxing and almost all other techniques depend on detection, CDR protects against exploits and weaponised content that have not been seen before.’ — Market Guide for Email Security — Gartner Research

GCHQ’s National Cyber Security Centre recommends techniques such as d-FIRST for data ingress. ‘Syntactic verification ensures the structure and syntax of the object are correct (e.g., that the content is valid XML or JSON which conforms to a specified schema). Semantic verification ensures that the meaning is valid in the context of the operation or business process being performed. Verification components ensure all potentially active content has been removed.’ — https://www.ncsc.gov.uk/guidance/pattern-safely-importing-data#section_4

If you’re thinking “Wow! This sounds amazing.” Then you are in luck, this post aims to guide you through getting setup and using Glasswall’s core engine as quickly as possible. For the adventurous types among you, links to our Core engines on GitHub along with all the required read-me’s can be found below:

Core1.5 — https://github.com/filetrust/SDK1.5Evaluation

Core2 (alpha) — https://github.com/filetrust/SDK2.01Evaluation

For the rest of us, let’s follow along below and process our first file.

Setting up Docker

If you haven’t used Docker before you will need to install it now: https://docs.docker.com/docker-for-windows/install/

Don’t be put off, Docker have created a very simple on-boarding experience for its users and so running Docker is a breeze. There are no specific skills needed beyond basic comfort with the command line and using a text editor.

Once you are done installing Docker, test your Docker installation by running the following:

docker run hello-world

Getting Started

Let’s begin by downloading Core1.5 from Github (keep your eyes peeled, I will cover Core2 in a future blog post.) The easiest way is to download and extract the zip file.

Core1.5 — https://github.com/filetrust/SDK1.5Evaluation

Make sure the contents of the folder look the same as below. You may need to extract the Lib file.

Now let’s open a Mac terminal or Windows PowerShell in the SKD1.5Evaluation directory and run the following command:

docker build -t gwsdk-image:0.1 .

This will build an image of the Glasswall Core1.5 SDK. The image contains all the files and code needed for the container. We can see all of our images by using the following command:

docker images

Nice! We can see the image we created is listed and ready to go. Now let’s run a container of this image.

Wait, before we run a container of the image lets create an input directory and an output directory. I like to do this in the C:/data directory.

We can place files that we would like to process into the input folder. Always make sure the output directory is empty before running the Glasswall image. If the output is not empty Glasswall will fail to produce an output and will destroy any data present there — let’s, make sure we don’t do that!

We are getting there… Now let’s setup Docker’s shared drives. To do this right click Docker in the system tray. Click settings. Click Shared Drives and share the appropriate drive. Click Apply. We will need to do this for the drives that the input and output directories are on.

Great! Let’s now mount the input and output directories and run a container of our image. To do that we are going to use the following command:

docker run -it -v C:\data\input:/input -v C:\data\output:/output gwsdk-image:0.1

This command will build the container and mount “C:\data\input” to “/input” and “C:\data\output” to “/output” on the container and then immediately process the contents of input folder and place the regenerated files in the output folder.

If everything works as expected, the console will display the configuration used for the run and close out the session with:

Congratulations! You have just processed your first file through Glasswall’s Core1.5.

For more information on Glasswall or any of our products, please get in touch.