HOW GARRISON SAVI® WORKS
Garrison SAVI® not only transforms the risky content to something safe, it then verifies that only the safe format is ever transferred across the isolation boundary – a barrier that is fully enforced in hardware. Garrison is one of the only commercially available solutions to conform to trusted authoritative security patterns. For example see the data import guidance from the UK’s National Cyber Security Centre (a part of GCHQ).
Doing this at all is hard. Doing it in a way that is robust against efforts by sophisticated hackers to subvert it is really hard. Achieving all that and delivering a usable and scalable enterprise or cloud solution is a very significant challenge. This is the problem that Garrison SAVI® solves.
Inevitably, with any secure remote browsing solution, at some point the browser will be compromised. After all, that’s the whole point – if you weren’t worried about browser compromise, you wouldn’t deploy secure remote browsing in the first place.
What is critical however, is that the compromised browser should be isolated – able to transmit out only the guaranteed safe data required for transmission to the user.
To understand the user experience challenge, you first have to understand the core principle of secure remote browsing. Anyone can claim to have a secure remote browsing solution – but what makes secure remote browsing different from traditional web security technologies such as proxies?
SAVI Nodes are recycled between users on demand, meaning that a single Garrison SAVI® appliance can serve thousands of users. But what if there is malware that has persisted since the last user? With Garrison Secure Reboot technology, that’s not an issue. When the chips in each SAVI Node are recycled to a new user, Garrison ensures that they are delivered to the new user in a guaranteed clean state.
Garrison SACS™ is Garrison’s Silicon Assured Content Sanitization technology.
Garrison SACS™ enables copy-and-paste and printing as securely as Garrison SAVI® provides the browsing. Garrison SACS™ technology sanitizes text and image formats by converting them to ‘known good’ format and using hardware-based verification to ensure that only that known good format can be transferred to the native device.
With Garrison SACS™ the browsing workflow continues uninterrupted for copy-and-paste and printing while maintaining Garrison’s ultra-high level of security.