Citrix ShareFile Cloud Security

Avanan provides a full suite of security solutions for customers that use Citrix ShareFile. Avanan connects cloud-based versions of third-party security tools directly to the Citrix customers’ ShareFile infrastructure using the built-in application programming interface (API).

Citrix ShareFile offers file sharing and file collaboration tools that allow employees and outside collaborators to share files. Avanan adds layers of security, privacy, and compliance not offered by Citrix.

 

Avanan Cloud Security for ShareFile

Citrix ShareFile is the secure file sharing and transfer service. ShareFile provides some security solutions but still does not provide other necessary security solutions. Avanan adds a layer of security that provides the following security features for ShareFile:

  • Malware detection with Antivirus
  • Revocable Encryption (for files leaving the ShareFile environment)
  • File Sanitization
  • User Anomaly Detection

Security events that are generated by Avanan are actionable, and allow to automate the remediation process. The supported actions are specified below.

Benefits

  • Secure ShareFile files by scanning for Malicious files and Data Leakage (DLP).
  • Generate actionable events on ShareFile malicious content.
  • Integrated solution to protect SaaS platforms, including ShareFile.

 

Default Policies

There are 2 default Security Policies for ShareFile:

  1. ShareFile DLP: scans posted text messages for potentially leaked information, such as Credit Card and SSN.
  2. ShareFile Threat Protection: scans files loaded to ShareFile for malicious content.

The policies include an option to skip generating events on internal communication.

Note: ShareFile engine does not scan personal File Boxes.

 

Actions

Data Leakage Protection

  • Mark as Sensitive
  • Change share policy
  • Move to folder

 

Malware

  • Mark file as Dangerous
  • Restrict access
  • Move to Quarantine folder

 

Prerequisites

  1. ShareFile Admin access is required to complete the onboarding process.

Configurations

 

On-boarding

  1. Navigate to SaaS Apps and click Start on the ShareFile app.
  2. The Avanan platform then redirects the user to an authorization page on [URL].
    sharefile onboarding
  3. Using the company’s ShareFile admin account, the user approves access for Avanan.

The minimum required permissions for the Avanan platform are:

  • Users Type: Standard ShareFile Users
  • Content: Read/Write All Files/Folders
  • Management: Manage Enterprise

Notes:

  • We recommend ensuring all folder/file download email notifications are turned off for all participating ShareFile users. This will prevent automatic email-notifications for each scanned file.
    • More information about the email notifications is available here
    • How to disable the email notifications is available here.

 

New Policy Creation

  1. Navigate to Policy page.
  2. Add new policy by click on the + button near ShareFile.
  3. On “Choose Security” combo-box select DLP or Malware.
  4. Next.
  5. On “Mode” combo-box select protection mode (Detect and Protect or Monitor).
  6. Based on the policy type:
    • DLP
      1. Select the requested DLP rules.
      2. Choose if you want to activate the scans on internal files (not shared with external users).
    • Malware
      1. Select the tools you want to activate in the scan.
  7. Click “Save and Apply”.

 

Stop ShareFile protection

  1. Go to SaaS Apps and click Stop on the ShareFile app.

 

Forensics

ShareFile detections are recorded as events for forensic and auditing purposes. The events types depend on the policy type that created the event. For DLP the events include what type of sensitive information was potentially leaked (PII, HIPAA, etc.). 

fileshare_events