Case Study: Enterprise Information Protection Product

One of Auriga’s customers—a US-based vendor of software solutions that provide “complete protection” for intellectual property and other mission-critical data vital to operating the modern global enterprise—tasked our engineering team with porting its flagship solution to Linux, several virtualization frameworks, and mobile platforms to expand its presence in the global security applications market. To stay ahead of its competitors, the customer’s existing engineering force needed to keep working at full speed on enhancing the existing Windows solution; thus, the project was to be executed with minimal management and engineering overhead.

EIP Client Features:

  • Detection of multiple data manipulation events: opening and copying files, raw network transmission, sending through IM and email, copy/pasting, printing, copying to/from removable devices, CD burning, etc.
  • Over-the-network event notifications from the client to a central rules server
  • Fine-grained protection rules: based on original data location and characteristics, user, network location, event type, etc.
    • Aborting and/or logging suspicious operations
    • Silent operation or displaying user prompts
  • Stealth mode, tampering prevention, boot-time protection
  • Operation through system-level event callbacks inside a file system, a network stack, a user management system, or other subsystems
  • Over-the-network client installation, updates, rules updates
  • Re-designed from scratch for supported OS based on the idea of the original Windows desktop client

From an engineering standpoint, porting a system that drills deep into operating system internals to provide reliable control over all data exchange channels to a new environment is a very challenging task. In addition, the ported product must be able to talk with the existing central server components through a set of protocols that used to be internal to a Windows-based solution. Such porting requires careful analysis of all requirements, formal and informal, all protocols and interfaces, and the existing product architecture, as well as the design of a completely new product from scratch that interoperates with the existing solution and mimics the behavior of the existing product in a new environment. Besides, the customer has gained significant experience in solving complex tasks and doing tricky things in the Windows kernel; solving the same problems for a completely different OS would also require a deep understanding of the internals of that OS.

The project was executed according to the iterative model, with multiple intermediate releases, each implementing a subset of functionality. Controlling the actual progress of development is invaluable in complex R&D projects, and tracking the intermediate milestones with a pre-defined scope provided an objective picture of that progress. The project was executed promptly and cost-efficiently, with high quality and close attention to customer requirements. At present, Auriga continues to develop the application on various platforms. As the entire solution is constantly enhanced, new features and concepts are added to it to better fulfill customer requirements.

Tools and Technologies: C/C++, Linux, CentOS, Fedora, RedHat, Suse, Mac OS, iOS, Windows 7 SP1, Win Server 2008, virtual frameworks Microsoft Hyper-V, Citrix Xen 6, VMware.