The File Gateway is commonly used to inspect a file’s content as it moves from one location to another. By inspecting the file before it moves, the risk of sensitive data leaks is considerably reduced – especially in scenarios where both locations are networks with different levels of security. For example, one network may be a high security domain and the other low security; alternatively a private Intranet network and a public facing website. In both of these examples there’s a real risk that the information contained within the file could be valuable in one location but represent a data leak in the other.
The File Gateway’s content inspection engine recognises over 150 different file or format types. It uses strong signature and data parsing techniques that ignore unreliable external indicators, like file extensions. The engine performs recursive decomposition, and systematically opens and searches within archive files like ZIP and TAR to locate all embedded objects – for example images, or active content within Office documents. Inspection continues until there is nothing left to process.
By recognising particular file types, it is possible to set a policy to decide which file types are acceptable, and which should be blocked. The inspection also extends to textual content: the words and phrases contained within the files.