Garrison SAVI® technology

Silicon-Assured Video Isolation

Silicon-Assured Video Isolation (Garrison SAVI®) is a secure remote browsing technology that means risky web content is never processed on the user’s endpoint device. The Garrison SAVI® Isolation Appliance lives in the cloud or the data center, doing dangerous web browsing for you and supporting large numbers of users with fully interactive but fully sanitized access.

The Garrison SAVI® Isolation Appliance provides ultra-secure browsing through a unique hardware design built from hundreds of Arm® chips – the technology that powers the world’s mobile devices. This revolutionary hardware design provides an unprecedented combination of ultra-high security with guaranteed user experience, even at scale.

You might expect that this sort of hardware security was only suitable for government or military applications. But by exploiting the price-performance of Arm® chips designed for the mobile market, Garrison SAVI® makes ultra-high security available at pricing in line with standard commercial security controls.

How Garrison SAVI® works

Garrison SAVI® technology is a simple concept that takes advantage of the incredible power of the Arm® devices that power the world’s mobile phones and tablets. By chance, it turns out that these devices are a perfect fit for secure remote browsing.

Garrison SAVI® uses two Arm® chips working as a pair. One of these two chips acts essentially as a tablet. It runs a browser, and other apps for consuming Internet content.

The pins of that Arm® chip which would normally be connected to a display are instead connected to the camera input pins of the second Arm® chip – which acts essentially as a camera. The "camera" chip watches the screen output of the "tablet" chip, compresses what it sees, and sends it over the network to be displayed to the user on their endpoint device.

If the "tablet" chip gets compromised by a malicious website, it will end up running malware. But the worst it can do to the "camera" chip is to show it some bad pictures. The "camera" chip is safe from compromise – in turn isolating the user’s endpoint device from any harm.

The result is a secure remote browsing technology that delivers the highest level of security, but at a price-performance level that beats conventional software-based remote browsing solutions.

A single Garrison SAVI® Isolation Appliance contains many hundreds of pairs of Arm® chips, supporting hundreds of concurrent sessions. And the appliances can be deployed locally on your site or used to provide a cloud-based service.

All the sessions can be consuming rich content, and all will receive a high quality near-native user experience. And the chip pairs – SAVI Nodes – are dynamically allocated to users when they need them, meaning that several hundred nodes in an appliance may be able to serve thousands of users (depending on usage patterns, naturally).

Of course, the web is not a passive medium: users need to be able to click and type in order to interact with websites. Mouse and keyboard commands are sent from the "camera" chip to the "tablet" chip via Garrison’s Hardware Security Enforcement Fabric (HSEF). The HSEF applies security controls at the hardware level to ensure that:

  • the mouse and keyboard channel is unidirectional. Malware cannot attack via the HSEF
  • the transmission of mouse and keyboard commands is rate limited. A malicious user trying to leak information is limited to human typing speed for the rate at which they can get information out
  • an (optional) audit copy of every keyboard and mouse command can be output via the physically separate management and audit port for analysis and monitoring.
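
The rate-limit and audit properties in the list above can be modelled in software as a token bucket. This is an added illustration, not Garrison's implementation (the HSEF enforces these controls in hardware); the name `InputGate`, the 10 events/s ceiling, the burst depth of 5, one byte per event, and the choice to drop rather than queue excess events are all assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class InputGate:
    """Software model of a one-way, rate-limited input channel.

    All parameters are assumptions for illustration, not Garrison figures.
    Time is integer milliseconds and tokens are held in 1/1000 units so the
    arithmetic is exact.
    """
    rate_per_s: int = 10      # assumed ceiling: fast human typing
    burst: int = 5            # assumed allowance for short bursts
    audit: list = field(default_factory=list)
    _milli: int = field(init=False, default=0)
    _last_ms: int = field(init=False, default=0)

    def __post_init__(self):
        self._milli = self.burst * 1000   # start with a full bucket

    def submit(self, t_ms, event):
        """Offer one input event; True if it is forwarded to the browsing side."""
        refill = (t_ms - self._last_ms) * self.rate_per_s
        self._milli = min(self.burst * 1000, self._milli + refill)
        self._last_ms = t_ms
        forwarded = self._milli >= 1000
        if forwarded:
            self._milli -= 1000
        # Audit copy of every offered command, forwarded or not (modelling choice).
        self.audit.append((t_ms, event, forwarded))
        return forwarded

def replay(gate, events):
    """Feed (t_ms, event) pairs through the gate; return those that got through."""
    return [(t, e) for t, e in events if gate.submit(t, e)]

def leak_ceiling_bits_per_s(gate, bits_per_event=8):
    """Upper bound on the sustained outbound data rate via input events."""
    return gate.rate_per_s * bits_per_event

# Constructed sample input: a person typing at 5 keys/s for two seconds, and a
# script trying to push 1000 encoded bytes through in one second.
HUMAN = [(i * 200, "key") for i in range(10)]
SCRIPT = [(i, i % 256) for i in range(1000)]

if __name__ == "__main__":
    print(len(replay(InputGate(), HUMAN)), "of", len(HUMAN), "human events forwarded")
    print(len(replay(InputGate(), SCRIPT)), "of", len(SCRIPT), "scripted events forwarded")
    print(leak_ceiling_bits_per_s(InputGate()), "bits/s sustained ceiling")
```

Under these assumed parameters normal typing passes untouched, while the scripted burst is cut to the bucket depth plus the refill rate, and the audit list still records every attempt for monitoring.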

The result is bulletproof protection against bad stuff getting in, and massive levels of mitigation against good stuff getting out. Compare this with the challenges facing software solutions.

Why hardware?

Software “remote browsing” solutions exist. But they typically run up against one or more of the following problems:

  • Security. Some software solutions have only a thin veneer of isolation, which is easily penetrated in practice
  • Usability. Some software solutions struggle with usability for interactive content and rich media
  • Price/performance. Some software solutions demand excessive processing or network capacity at scale, making them unaffordable in the long term.

Garrison SAVI® uses a strong "convert to verifiable raw pixels" security model. Implementing this security model in software is equivalent to traditional VDI technology, which struggles with price/performance at scale.

By using purpose-designed hardware, Garrison SAVI® can convert risky content to verifiable raw pixels at scale while maintaining an affordable price point. Garrison certainly delivers an exceptional level of security: but using hardware designed specifically to overcome the performance pain-points that plague other solutions means Garrison actually delivers a lower overall cost than less secure software solutions.

Garrison Secure Reboot

SAVI Nodes are recycled between users on demand, meaning that a single Garrison SAVI® appliance can serve thousands of users. But what if there is malware that has persisted since the last user?

With Garrison Secure Reboot technology, that’s not an issue. When the chips in each SAVI Node are recycled to a new user, Garrison ensures that they are delivered to the new user in a guaranteed clean state.

That means ensuring that any malware which might have compromised the chips in the node is unable to persist between allocations. Malware often works hard to try and persist – trying to hide even in low-level system firmware such as the BIOS.

Garrison Secure Reboot technology is implemented at the hardware level, involving a full power-cycle and a boot management bus that protects – again at the hardware level – against attempts to persist across power cycles even at the bootloader or BIOS level.

Silicon Assured Content Sanitization

Garrison SACS™ is Garrison’s Silicon Assured Content Sanitization technology. Garrison SACS™ enables copy and paste, and printing, as securely as Garrison SAVI® enables browsing.

Garrison SACS™ technology sanitizes text and image formats by converting them to "known good" format and using hardware-based verification to ensure that only that known good format can be transferred to the native endpoint.

With Garrison SACS™, the browsing workflow continues uninterrupted for copy and paste, and printing, while maintaining Garrison’s ultra-high level of security.
