Keep Your Data Secure with Clearswift and GoAnywhere MFT

Chris: Hi everyone. Thank you for joining today's webinar on how to Keep Your Data Secure with Clearswift and GoAnywhere MFT. If you have secure file transfer requirements between you and your customers or trading partners, we're going to dive into areas of frustration, and how the GoAnywhere and Clearswift solutions can help. We hope you find the presentation helpful. I'm here today with my cohost Dan Freeman and Scott Messick. How are you guys doing today?

Dan Freeman: Excellent.

Scott Messick: Great. Thanks a lot Chris.

Chris: Yup, you're welcome. Before we kick things off, I just want to remind you that the event is scheduled for an hour and if you need to leave or drop off at any point, we are recording the event, and we'll send out the link afterwards. Feel free to ask any questions throughout the presentation, and we'll have team members online to answer them. And we'll try to answer a few verbally at the end as well. Finally, a survey will display at the close of the presentation. If you feel that that's suitable for you, that will give us good feedback on what parts of the presentation were most helpful.

And you can also reiterate any questions that we didn't get to today in today's call, and someone will get back to you shortly. Okay, with that, here's our agenda for today. We're going to review the issues revolving around secure file transfer and content inspection. Next, we'll get into an intro from Dan and Scott on what our respective tools do, followed by some real-world use cases. And lastly, we'll get into a live demo along with some Q&A at the end of the presentation. And with that, let me introduce you to our presenters.

Dan Freeman has spent the last 10 years of his career in various security roles, ranging from systems engineer to security officer. He currently serves as senior solutions consultant at HelpSystems for the GoAnywhere product line. Scott Messick is a senior sales engineer with Clearswift. In this role, he works with allergists Clearswift customers and prospects across North and South America. Prior to joining Clearswift, Scott spent 12 years with Credit Agricole Bank where he served as director over the Windows Platform group. Thank you for being here. I'll let you take it away.

Dan Freeman: All right, thanks Chris, I appreciate that and thanks everyone for taking a little bit of your time out of the day to join Scott and I in this discussion today on kind of data security. Some of the things when we talk about security, I think some common terms layered security or defense and depth. When we talk about using maybe multiple components or vendors, mitigating security controls to protect that data. Well today we're going to go ahead and focus on a couple applications, and their integration on how to exercise overall data transfer security, data loss prevention and mitigate any would be viruses or malware.

Now encryption, when we talk about this, why is this not enough? Interesting questions. I think encryption is one of those things, especially from a security officer in my previous life, that we talk about is probably one of the first things you definitely should do, when we talk about data security, having it encrypted at rest as well as in transfer. Those are definitely absolutely key and necessary things. But getting back to that layer of security or defense and depth, sometimes encryption by itself isn't enough. It's definitely a good starting point, but we've got to do other things to make us have that defense in depth or layered security.

Couple of points there, your PII or PHI or FTI, basically any individualized or sensitive information probably doesn't need to be or should not be allowed to be transmitted. Now, encrypting things can definitely protect that data, but it's not going to go ahead and make sure that those things are not being transmitted. So we definitely want to make sure that we have different things that we can do and DLP solutions, which we'll kind of talk about in a little bit, can definitely do that inspection of that, to see what kind of contents are to either allow or disallow those types of files.

A lot of times on that point too, we talk about it leaving the network what we want to do but think of it also from a perspective of receiving data. A lot of folks that are receiving data, don't have the proper secure network in place to actually house PII, PHI, FTI, anything like that. That'd be another reason to do a little bit of scanning when files are actually coming into the network. Now that next bullet point, we traditionally think of things going inbound on this side. We definitely don't want to pull things in with viruses or malware to do that inspection before they actually land on our ending place network. But this could also be on the outbound side as well.

We don't want to be sending things to our partners that may have viruses and malware, kind of gives you a bad look or maybe a little bit of bad reputation in that case. Some of the things we definitely want to know what we're being transmitted. Kind of go into that bottom point as well. Having the ability to audit who is sending things like that. If you guys are ever under any kind of compliance regulation, you know pretty well that when auditors do walk in the door, they are going to want to know that you know exactly what's happening with your files, where they're stored, who's touching them, who's doing what with them, when they're were sent, who's modifying them, from what values to another, all those types of things. We definitely want to know what's going on.

So we want to know what is going on with those files at any given time. And then also being to filter on WHO individuals, you might have maybe medical review nurses that yeah, they're going to be dealing with PHI or PII, and they do need to send these things out. But you also want to protect people that don't have any reason to be sending these things out. We can do that again, that content filtering to kind of see what files are going in and out and deny should they need to be or allow them to go through should they need to be.

All right. What's another way that we can add to the security model? We talked about encryption. Well here we're going to talk a little bit about GoAnywhere and Clearswift and how they can be integral pieces of that layered approach puzzle if you will. As well as how they can integrate with one another. But first, let's take a peek at some reasons why you should consider centralized secure managed file transfer solutions. Here's a couple of quick bullet points on the secure file exchange management. Obviously, encryption at rest and transfer. We kind of talked about that encryption piece as one very, very important and integral piece.

I think it's actually a must have for any kind of secure file exchange. We definitely can leverage Clearswift for that deep file inspection for content and virus scanning as well. Scott will dive a little bit more into that one, when we get to his part as well. Centralized administration. I think this is key not only just with MFT but anything. Any Sysadmin wants to have that single pane of glass to know where to go to kind of see what all his pieces are doing. This really helps with that auditing and accountability point that we just talked about. Letting your auditors know or when the auditors do walk in the door, you don't get that sweaty poem and heart racing type feeling, because you have no idea how to find the information that that person's going to ask for.

Having things centralized makes it a lot easier and having good logs as well, makes things a lot easier. That full traceability and control. This is also kind of on that single pane of glass single pane of control, I guess. Having those detailed audit trails of all that file movement, all the manipulations to where you can keep track of anything that's going on, not only from so much just in auditing from an auditors' perspective, but having that idea of, "Hey, if a job fails, how do I get notified?" or "Can I stay proactive instead of reactive?" All those types of things. Letting us know the actual life cycle of files from start to finish.

And then automation. I don't know if you're on our previous webinar, we talked about automation, obviously that's MFTs core, I guess function. One of the biggest things, if you've ever looked at some of the data breaches over the last five years, one of the biggest reasons if not the biggest reason, percentage wise for causes of breaches is human error. Automation gets rid of a lot of that human error. So that we don't rely upon people just maybe getting lazy, not seeing things. Point is the more you can automate, the more efficient it is. And probably more importantly nowadays, the less likely you are to have one of those ugly data breaches that you kind of see on the news here and there.

Okay, so this one here, I'm going to run through this pretty quick. This is kind of a really high-level overview of what kind of GoAnywhere does. But from the general perspective GoAnywhere can be on both the inbound and outbound side of things. So if you want to be on an SFTP, FTP, FTPS and HTTPS web client, any type of listener, we can spin those up, to where you can have your trading partners or customers connect up to you via those protocols, to pick up or drop off files. Pretty straightforward. A lot of things with this again, we do provide encryption, whether it's during transfer, using those protocols or at rest using AES-256 type encryption. We can have that data at rest as well.

A lot of different things from maybe a data translation standpoint. You need to look at certain files, manipulate them and actually enter them into a database. Lots of different things is where. Some of the different things that we're going to talk about here too is we're going to talk a little bit about the outbound piece of it. Specifically when we get to Scott section on ICAP and the Clearswift product. This is where when we talk about us being on the client side or doing outbound type connections or initiating, this entire box down here is just a sample set of what GoAnywhere calls resources.

And this is us giving you the ability to put in server and service type connection information, to leverage things like Clearswift or maybe a backend database. Or maybe you want to connect to Amazon S3 Buckets or Azure Blob storage. Point being now GoAnywhere can use those to reach out, dip into pole things, push things to, or leverage in our case services so that we can do some DLP type scanning, or antivirus and malware type scanning, either before we're receiving files or when we're sending files outbound to our partners. So lots of different things. And then really quickly, talking about the audit logs and reporting and alerting.

This is also built in and very, very integral when we talk about the auditing and accountability section, which is going to be very important for any security regulation no matter what field you're in. This is where the detailed audit logs, giving you audit logs on the protocols, on the people logging into, your actual administrative users. Any file that touches the MFT system, all those things can be audited and alerted on, so that you can stay proactive as best that you can, instead of that reactive type mode. And having people tell you something didn't work and things like that. So this can keep you on track to ensure the delivery of said resources should you need to do that.

All right, I'm going to pass the mic here, kind of jump over here and send it over to Scott. Scott, you there?

Scott Messick: I am here. Thanks Dan. And thanks Chris. A great intro to the webinar. And thanks Dan for outlining the basics covering various topics that we're going to be getting into here. And also thanks to everybody for joining. So a couple of bullet points that we're going to get into here to begin with. As far as Clearswift is concerned, rich track record in innovation, developing many of the features, the security industry now considered standard, during collaborations such as deep content inspection or DCI as you'll commonly hear me refer to this as. And so what I'll get into what DCI stands for, deep content inspection.

So a couple of different things. Inbound and outbound scanning, Dan had focused on the outbound. We can cover both inbound as well as outbound across multiple communication channels. So our focus topic for today is of course GoAnywhere, but in addition we'll get into some basics as far as email and other web traffic is concerned. DCI also refers to what we commonly call adaptive redaction. And what do we mean by adaptive redaction is our Clearswift's special sauce, if you will, reduction of text, whether it's PCI or PII. While allowing everything else to pass through the gateways, we can just essentially look for and take out the stuff that's important to you.

DCI also refers to optical character recognition, scanning for text inside of images, anti-steganography. There's also another form of our deep content inspection engine, which is the concealing of messages inside of images. DCI also refers to the ability to strip document metadata, such as change tracking authors and things along these lines. Clearswift also gives you the ability to monitor what truly matters to your organization, which of course may be different from one organization to another. Or even between business units or desperate companies inside operating under a corporate or a global umbrella.

So Dan, you can move to the next slide and we'll go into a little bit more of Clearswift's holistic approach. So as I previously mentioned, we talked about the DCI methodology, which we can apply to email which happens to be our flagship product, web traffic and end point devices. And with our end point solution, we can essentially apply all the same logic to data at rest as well, such as file shares. We can also classify data and monitor sensitive data being transmitted both internally and externally with our data classification tools.

However, Dan previously mentioned the intent of this webinar is to focus specifically on our integration with GoAnywhere, which allows for Clearswift and HelpSystems to ensure that the data that you have visibility into, that's on your network and it's most sensitive to you, can be tracked when transmitting within the GoAnywhere MFT platform. So a little bit more about GoAnywhere and Clearswift and how we work together. As you can see here, you have the modern managed file transfer solution, which is easy to support, maintain and can be built for many use cases, whether it's internal or public facing.

We take that and we incorporate the deep content inspection algorithm into the product, and now we can protect against malicious content or specific types of data which we prefer not to allow it to be transmitted within your MFT work environment. So what we're going to do is we're going to demonstrate shortly how we can kind of tie all of this together. Next slide, we're going to just outline a little bit more about how the Clearswift product offering the ICAP Gateway seamlessly integrates with to GoAnywhere MFT product, how we can expect all the content that's sent into and out of the portal.

And so this diagram that's been presented here just kind of outlines from 50,000 feet, how this is all done. You have your GoAnywhere managed file transfer solution, you have your ICAP Gateway via the ICAP Protocol. We intercept the traffic that's uploaded and downloaded as it applies to specific groups of users or individual users. Different business rules can be defined for different use cases as well. The ICAP integration kicks in via workflows and triggers. It's sent to the ICAP Gateway. We scan the content with our deep content inspection engine, and we pass the results back to GoAnywhere.

And there's a variety of different things that we can do within the GoAnywhere platform. As you can see when we get into the presentation, we'll get into that in a little bit more detail, the actual live demo. So on the next slide, can I kick that back to you Dan?

Dan Freeman: Yeah, I'll was jumping here, thanks Scott. So this one here has a little bit of I guess stroking to GoAnywhere ego here. This came out in obviously 2019, you can see there at the top is Info-tech MFT Data Quadrant. And if you guys have ever followed, I know it's kind of a niche market for the managed file transfer area. Analysts and third-party reports haven't always been easy to find. While some certain products call themselves MFT solutions, many of them do lack the security controls and detailed audit trails for compliance requirement. File transfer, encryption, automation and auditing are all qualities of the standard MFT tool, centralized obviously in that single pane of glass that we talked about.

But the need for this type of solution growing and leading organizations. Now Info-Tech Research Group released this 2019 managed file transfer category report, which scores leading vendors based on customer reviews. Among nine vendors listed in the MFT data quadrant including Ipswitch, MOVEit and IBM MFT, GoAnywhere MFT, had the highest composite satisfaction score ranked number one from multiple vendor capabilities and features. So that's pretty cool. We'd like to talk about that. And I don't know if you guys have ever seen the Gartner data quadrants, this should look pretty familiar too, in the upper right-hand corners are going to signify the leaders in that space. It's kind of nice that we're up there at the top.

So you can see for yourself on our website if you want to download it at the www.goanywhere.com/info-tech. Many buyers have found this really a nice helpful part of the research process and a good way to validate a vendor claims. Because I know sometimes when people do get into the MFT space, it's kind of unknown, especially when you're a sysadmin. It may not be something that you're too familiar with. So this is definitely a decent starting spot. I don't think it's an end all be all by any means. But I think it's definitely a good note for us of course. And then I think a great place to at least take a peak, and if you want to pull it down, do a little demo, you can do a little proof of concepts and see how that works for you guys. With that all, pass it back to you Scott.

Scott Messick: Yup. So some little more ego stroking here for Clearswift. A little pat on the back. As you can see here, we are on the Gartner Magic Quadrant for Enterprise Data Loss Prevention. We've also been recognized by SC Magazine and there are a couple of links on the bottom of this slide which reference our awards and our case studies. One comment I'd like to make that pertains to the quote that you see in the middle of this slide, comes from one of our customers, published in one of our case studies on our website, has to do with deep content inspection. Just a point that I'd like to make here is it's a little more than just redacting sensitive information.

When using Clearswift products, we can significantly reduce false positives due to the way that our lexical expression algorithms are put together, and a lot of flexibility and granularity that can be unleashed when you're looking for information that's sensitive to you and your organization. So what I'm going to do here is I'm going to go into a current configuration where we have a GoAnywhere MST along with a Clearswift ICAP Gateway. You've got the GoAnywhere piece, as Dan mentioned, that does the secure file transfer, and then you've got the Clearswift piece that does the deep content inspection or does the interception of traffic between the file uploads and downloads.

So you have here is you've got traffic between specific groups of individuals. These groups have DLP and other custom requirements. It doesn't necessarily apply to the entire organization. But for these specific users, there were granular controls that were necessary to be put in place. And what the ICAP Gateway does is we provide, as I've been mentioning, the deep content inspection or the DCI and returns the results back to the GoAnywhere platform. If the ICAP Gateway can sanitize the message, for instance, redact text, block specific content, then the transmission is allowed to continue.

If Clearswift for whatever reason can't redact text, or if there's executables that are being transferred, that can't be renamed. If there's any scripts that can't be removed, things along these lines, viruses. What Clearswift does is we kick the error code back to the GoAnywhere MFT platform and the transmission is blocked. So with that being said, I think it's time for us to actually show all of this live. And if you can take a step back, I think there was one more slide that I wanted to review which has to do with... Oh, okay. So that's okay. What we're going to do is I'm going to analyze... You can move back to your demo environment.

What we're going to do is, we're going to run through a couple of different use cases here. Test scenarios. One is we're going to show a demonstration of a block. The next demonstration we're going to do is redaction of text. So the blocking is essentially not allowing the communication. Redaction allows the communication but strips out the sensitive information. We're going to do this with a secure file platform. And then what we're going to do is we're going to demonstrate the secure email functionality of the product as well. We'll go through some of the workflows both within Clearswift as well as GoAnywhere.

So what we're going to do is Dan's going to do the driving and I'm going to do the narrating. So without further ado, Dan, can you move into the first test case, which we'd like to review the GoAnywhere workflow? We'll start with the block user case. So what Dan's going to do is he's going to sign into as his block user. And what he's going to do is he's going to first show us some sample PDF and word documents that we have that have been rebranded with our organization. You can see here there's some PCI that's about to be transmitted. We have a word document, we have a PDF. So we'll start with the word document.

Dan is going to go ahead and upload that into the console. And once we click the refresh, you'll see there that the document has been blocked because it's got a PCI that's built into it. So now what we're going to do is he's going to quickly demonstrate how he can do the same thing with a PDF file as well as with a JPEG. And so while he's doing that, it's going to show that that... You could see the content there, same document that's been saved as a PDF file. And then you've got the image which is coming next. He's going to refresh that, and you'll see that that content is not allowed to be transmitted.

So for this specific user this is PCI. And what we're going to do is we're going to also demonstrate another use case where we're going to see PII. And so all this has been blocked. And if you don't mind, Dan, could you just kind of show us and speak to us about the basics for the workflow itself within GoAnywhere?

Dan Freeman: Yeah, let's do that real quick. So as Scott just mentioned, we just went, and we dragged a word PDF and a JPEG file with sensitive information and his rule decided to block it. So let's go ahead and look at the actual completed job first. So we'll kind of see the log file to see exactly what happened there. Hit refresh here and we'll look, make sure 10, 23 yup, that was the one we just did. So if we look at the log file within here, we'll kind of see... And this one looked like it was that credit card info doc file that we uploaded. You'll see that it's calling a project and we'll go a little bit more into this in just a little bit on the actual trigger and project process. So I'll just kind of show you what happened in the backend.

This is going to do the ICAP request, goes through the ICAP and it's going to return a status code of 200 which is bad. And we'll again, we'll go more into that when we get in the project. So what we're doing in this one, we're just deleting the actual file. Now granted we could do other things. Maybe we could archive it into a certain location and then delete it from the user location. But for our intents and purposes, just to kind of show you the functionality, we just went ahead and deleted the file. And that's why you were seeing on the web client when I refreshed the file actually disappeared. So that's actually what's going on, on the background.

Now that was for the doc file. That's going to be the same for the PDF, the JPEG that we uploaded as well. Same concept. It's going to go ahead. Just wanted to demonstrate that it can scan docs, PDFs as well as like Scott mentioned earlier, the OCR technology that was with the JPEG. So it could actually scan picture files as well, which is pretty awesome. Pretty cool. A feature there. With that, I don't know if you want to go ahead.

Scott Messick: Yup, yup great. So now one last part that we're going to demonstrate here is we've got a sample virus on the system. It's not an actual virus. We've basically named this a CryptoLocker I believe. And so what we've done here is we've just placed some text inside of this text file to make it look and feel like it's a virus. And we're going to go ahead and we're going to upload that into the GoAnywhere MFT console. And you'll see here that if we refresh that, you'll see that that's been stripped out. So we're blocking malicious content as well.

So now what we're going to do is we're going to go ahead and move over to the Clearswift Gateway. And we're going to have a look at as you can see here, you see the blocks that are coming in. So basically you can see who the sender was, the routes, that's our terminology that describes the sender and the recipient. And some rules that are in the route that basically move into the TCI blocking. So what we're going to do, is we're going to move over to the redact use case, where we're essentially allowing the communication to continue. We have a different user account here. This is a different business unit if you will.

And then what we're going to do is transmit some data here and then we're going to dig into a little deeper into the rule sets as well. So let's go ahead and just show the files first Dan, just so you can see. So this is PII, first set of rules where PCI and that was for our block use case. So then went ahead and uploaded the social security JPEG. Now if we open this up, what we should find is that the content is redacted. So as you can see here, we blocked out the PII and this is based upon analytics that we built into our rule set. So Clearswift customers you'll recognize this because you've seen this with the email gateway. Now we're applying this to the GoAnywhere platform.

So go ahead and upload a doc file and you'll see the same results here where we've redacted the PII that's inside of this job application document. And then the last thing is the PDF. Sorry. Yeah, he showed the original file, which I was actually just going to ask him for him to do. So, great. So now we open this up, same concept. We should see the redacted text inside of the PDF, which is as our... That's what we're expecting. So now what we're going to do is we're just going to quickly move over to the Clearswift Gateway, and Dan's going to move into the policy management. And then he's going to go into the lexical expressions.

And we're going to show you, you scroll down there, and you'll see the redaction of the social security info. We open that up and you'll see here that what we're doing is we're looking for the word social security with a space. And then we're referencing the social security pattern of numbers. This is a built in canned expression that comes with the Clearswift solution, where we can build our own custom analytics as well. So now if we cancel that, and then at the top of this expression, click inside of that redact social security. And this refers us to the content rule where we're matching the expression. We're looking basically everywhere in the document. We don't have to. This can be customized.

We've enabled the optical character recognition feature. And when I say we don't have to search everywhere, we could just search content or properties metadata. And as you can see here, we're allowing this on successful redaction. So for the standard block rule, what you'll just see here is a block action. And so Dan, if you don't mind, can you now, as you could see once we take that, we assign it to a route and then we build the rules inside of the routes. So Dan is just going to demonstrate that for us really quickly. So if we go into the routes, and then what we're going to do is we're just going to open up the redact, and we'll go into there.

And you'll see here for this use case if you scroll down, there is just one PII rule that's at the bottom, and for the block it was the PCI rule. And so if you don't mind, Dan, can you just quickly show us the workflow? I believe you went into the logs before, so could you just kind of show us the workflow and some of the actions that are inside of one of the PCI or the PCI?

Dan Freeman: Oh yes. Let's do that real quick. Okay. So let's here, on the redact one. So yes, really quickly. Not to get terribly in the weeds here, but like Scott mentioned, what we're doing from a GoAnywhere perspective is we're going to notify or get notified when a file does get uploaded. As you guys saw, we're doing it via a web client here. This is just one of the ways we can do this. One of the protocols, it happens to be the HTTPS protocol that we're having folks upload files to. So we're going to have a trigger that's looking for that. The action item first, a file that gets uploaded via HTTPS.

When that happens and it's a certain type of file, we're going to call a project and that's what this is here. This is what you're looking at here. This is going to go through and we're developing some sort of business logic, which is going to be step-by-step functions or action items I should say to do something. In this case, we're actually going to be connecting up to that ICAP resource, which is going to be our Clearswift device that we have here. I know I briefly talked about the resources on that overall slide. Well, that's something that should define the actual Clearswift connection first as a resource and then you can actually leverage that.

The main point is we're going to send that information. In this case, those files we're uploading, to that ICAP device, and it's going to go through everything that Scott just kind of walked you through. I realized that was really quick. But depending upon the type of file who's actually sending it, in this case, in this case, it was the redact user. That's what we're looking at here. Since it came from redact, that's going to call this project, and we're really going to have ICAP analyze that file, and basically give us back a status code.

And depending upon that status code is what we're actually going to do as far as moving it or deleting it and then denying the actual trigger event. Meaning we're not going to let that actually happen. That file transfer happened, but this is the main part of it is taking that a status code that we're getting from the ICAP device, and then doing something as far as whatever logic we want to do with those files depending upon that response.

Scott Messick: Yup, great. So thanks a lot. So there's just one more item that we want to demonstrate here, which is the secure mail functionality. And what we're going to do is we're going to review the same block use case. So Dan is going to go ahead and sign in and he's going to send an email. And what we're going to do is we're after PCI again here, which we don't want to allow. And so what we're going to do is he's going to send an email, and we're going to include some PCI. We've got a PDF, the Microsoft word and the JPEG, to demonstrate the OCR technology again. So he's going to go ahead, he's going to open up the same set of documents and you'll see the same content that's inside of them.

And once he sends the message, what we'll see here is that when the email is received by the recipient, we're going to get a notification saying that there was sensitive information that was not allowed to be delivered. And the bottom line here is this is it's a very generic error that we're kicking back for the time being, but this can be customized and tweaked and we could really put whatever we want in here. For any of you that are on the call that have seen Clearswift notifications before they're flexible and customizable, and it's similar logic that can be built into this workflow here.

So we've got the PDF, the Microsoft word, and again, the JPEG functionality is all fully supported within the security email portal as well. So it looks like Dan is going to show us one more use case here with the PDF, which we've actually got two more, the PDF as well as the JPEG. Yeah, he's going to go ahead and he's going to send the message through the system.

Dan Freeman: If I can spell, there we go.

Scott Messick: So you'll see a similar message that's been presented within his email client. And same concept here where we've got a generic message that's kicked back saying that we're not allowing this communication, because there's some sensitive content inside of it. So with that being said, we went through the block using the secure files technology. That's our one business unit or our one use case covering PCI. We went through a redaction configuration where we've got a different set of users, where we want to allow the communication, but we just want to strip out the sensitive text. And that was PII.

And then we've got the secure email component where again, we've moved back to PCI and it's a different group of users that we want to control within the secure email platform. And you could see here as Dan is demonstrating within the Clearswift ICAP Gateway, you can see the message that came through and some basic information about what Clearswift did with it, and what Clearswift sent back to the GoAnywhere platform.

Dan Freeman: Cool. And then to tie that into just really quick, I know we showed you kind of the project code here or the project steps on what's actually happening. But how we're even getting here, I know we mentioned those triggers. Let's just quickly pull those up a really fast. Triggers, first if I take a step back, is going to be any kind of action item that your web users are going to do. And web users are just those folks that you're creating in GoAnywhere to log into GoAnywhere, to leverage whatever service it is. We happen to use the HTTPS web client, it could be SFTP, FTPS, FTP, things like that. We just happened to use the web client is for I think visual sake.

Point being is starting with the first one, there's an upload successful trigger, so if I go all the way down to the bottom, we'll see these two triggers here, which is basically doing, "Hey, you know what? If a file gets uploaded successfully, we don't care what service we could choose as HTTPS." But the main point is I want to say if a file gets uploaded successfully by this user redact, I want to, in this case I'm calling a project and that's that project we just went through. So it's going to pass in a few variables, the actual physical file, where it's coming from, the user that's passing it up there, the file name, things like that that could be used within the project.

We're pretty much just using the actual file name itself to do that processing, to go through there, but that's where this is coming from. So when I drag that file into that web interface using the redact user, it called this trigger, which called that project, to do the processing, sending the file to ICAP, getting the response back, and then doing the logic that I had in the project. Very similarly, but kind of the other way, this was kind of inbound. On the other way, we have that trigger for the email and that one's actually doing before you send. So there's a before secure mail send trigger, and that one is here, and this one's doing pretty much kind of the same thing.

This one's saying, "Hey, that's why I logged in as D Freeman." I have it specific to D Freeman you can obviously choose whatever users you want, or it could just be the entire domain if you want this to happen for everybody. But if D Freeman sends a secure mail, I want to call this project first, which is the secure mail block and notify, and it's doing kind of the same things. We're taking apart the variables that we have available to us, which by the way, you can click on this and get the actual variables that you have available at your discretion to pass into the project.

But for the most part we're passing in the attachments, looping through them, passing those ICAP, getting the response code back, and then deciding, "Hey, do I want to deny this trigger?" Which means Nope, it's not going. And then I send an email back saying, "Hey, by the way, your message was denied." Or if it's okay, if I get a 204 status code from Clearswift, then I'm going to say, "Okay, great. Let's go ahead and pass that email through," and on it goes. So those are kind of where that project logic is coming from. It's coming from those events that those web users, in our case were either uploading files to the web client, or actually sending a secure mail out with those two different types of triggers. In any case, Scott, do you have anything else you wanted to cover or do you want to pass this back to Chris?

Scott Messick: No, you did a fantastic job there kind of setting the tone at the beginning of the webinar, and kind of wrapping up the technical pieces there at the end. And yeah, so thanks a lot for that, no additional comments.

Dan Freeman: Cool. All right, Chris.

Chris: Yup. Thank you guys. We'll have time for a live Q&A in a minute. But before that I just wanted to thank you for joining us today and let you know we'd be happy to answer any questions you have. If you'd like to contact us, our information is on the screen as well as the websites where you can learn more about either GoAnywhere or Clearswift, request a demo or try the software yourself. For those of you who need to drop off or already have had your answers or your questions answered, thanks for joining. We hope you have a great day. For the rest of you who are sticking around, if you'd like to submit a question for Dan or Scott to answer, you can do that through the question pane in the bottom right of your screen and we'll watch for those to come through.

So we did have a couple of questions that did come through during the broadcast. One of them was from an existing GoAnywhere customer who is using secure forms along with the GoAnywhere Gateway. And the question was basically, would the addition of Clearswift provide a real time virus scan that could reject any documents that contain a virus? And the response of course was yes. The Clearswift ICAP Gateway offers real time virus scanning, with really any choice of a variety of AB clients. So that was a great response. You can also use a variety of AVs, so it's not just limited to one and antivirus product.

We did have another question that came through regarding the Native Command and GoAnywhere. A customer was basically asking if they're using a local antivirus client, can't they just call a native command in a workflow to do that. And of course the answer to that is yes as well. You can scan using an end point antivirus tool. But I think the point of this webinar is that you would be lacking in any of the content inspection capabilities that Clearswift is providing. So any kind of adaptive redaction or content blocking you wouldn't get with just an antivirus client.

And then I don't see any other questions. We appreciate your time today. I'll give this one more minute if you do want to ask another question. We'll be sitting here and monitoring.

Scott Messick: I'm sorry, go ahead Chris.

Chris: No, I was just going to mention if you are a GoAnywhere customer, I wanted to remind you of our customer community GoAnywhere insiders. It's new this year, we have over 500 customers who have joined. It's a great place to get product education, interact with other GoAnywhere users, and earn points to redeem for cool prizes. If you haven't already registered, it's easy and free. Just go to insiders.goanywhere.com/join and enter the code GAINSIDERS to get started. And Scott, go ahead. You had another point to make.

Scott Messick: Yup. So a good question about the antivirus. So a couple of questions there. The first thing is with respect to the types of antivirus. So Clearswift supports Avira and Sophos. And for the second question, it's also good to have different levels of protection. So you may have a different antivirus provider at the desktop or at the server level. And what Clearswift allows for you to do is to incorporate an additional product to use against threats and things along those lines. So Avira and Sophos.

Chris: That's a great point. And I'm assuming that's pretty common with what you see on the Clearswift side customer using multiple antivirus solutions?

Scott Messick: Yup. And prior to Clearswift as well, what I've seen with my background is desktop AV is typically one product server, AV is another product. and your messaging AV is oftentimes a third product. So that's fairly common in the industry, especially for medium and larger scale organizations to be diversified like that.

Chris: Sure. Makes sense. Well, I think that's all we have today. We appreciate you attending and if you want to see this again, we'll be sending out a link. We appreciate your time today.

Scott Messick: Thank you everybody.

Dan Freeman: Thanks guys.

Chris: Thank you.