This document is a starting point for your Bodyguard CDR software journey. We are committed to your security and look forward to assisting you in your efforts to maintain a safe and secure digital environment.
What is Content, Disarm and Reconstruction?
Content, Disarm, and Reconstruction (CDR) is an advanced security strategy designed to neutralize threats posed by files transferred into a network. The strategy involves intercepting and examining files, removing any potentially harmful content based on set policies, and then reassembling the cleaned file for safe use. It is a proactive and preventative measure that ensures data safety without disrupting user experience.
About Bodyguard CDR for Desktop
The Bodyguard CDR software is an endpoint solution that functions as an invisible agent on your desktop. It operates by intercepting incoming filesystem requests made by various applications such as browsers, emails, Teams, and Zoom.
Each file is sanitized based on configured policies, utilizing our proprietary "Positive Selective" technology. This advanced method reconstructs files using only trusted content from the original file, thereby ensuring complete security.
The software is designed to work with sub-second performance, offering robust protection without noticeable delays to the user. It supports a broad range of file types, making it versatile for various business needs.
As a desktop solution, the CDR software guarantees that file data never leaves the user's device, with sanitization performed locally. This feature ensures a high level of privacy and security for the user's data.
Additionally, telemetry from the CDR software is sent to the Bodyguard platform. This data can optionally be accessed by external data aggregators if required.
Partner Portal and Dashboard
A central Partner Portal is provided to facilitate the management of multiple clients. This portal allows for efficient and effective oversight of the Bodyguard CDR software across various endpoints.
The Bodyguard Cloud Dashboard is part of this portal, and it offers valuable insights into the performance of the CDR process. It presents metrics about the sanitization process, including the number of files sanitized, types of threats neutralized, and overall performance. This information is essential for evaluating and improving security measures.
The partner portal is located at:
https://manage.prod.bodyguard.io/
(accounts are provided during onboarding)
Within the partner portal, it is possible to navigate to separate customer portals.
Installation single desktop (GUI installer)
Within a customer portal, navigate to “Installation”.
The latest Window installer is available for download on this page.
Copy the license key and paste it during installation.
Deployment multiple desktops (script)
Instructions are available in the online Help Center:
https://support.bodyguard.io/article/1/deploy-bodyguard-using-intune
Additional deployment instructions can be provided on request.
Minimum Specifications
The Bodyguard CDR software is designed to work with a minimum operating system of Windows 10 for desktops and Windows Server 2016 for servers. This compatibility ensures that the software can operate effectively on a wide range of systems.
Please ensure that the system meets these minimum requirements before installation to ensure optimal functionality and performance of the Bodyguard CDR software.
Content policy configuration
Instructions are available in the online Help Center:
https://support.bodyguard.io/article/3/file-type-actions
It is generally advised to block all of the listed file types for which sanitization is not available. These file types are commonly used in malware attacks.
Data flow diagram
Understanding the data flow within the Bodyguard CDR software environment is key to appreciating its robust security and performance capabilities. Here's a step-by-step outline of how data is processed and flows within the system:
1. Filesystem Request: When an application on your desktop, like a browser, email, Teams, or Zoom, requests a file, the CDR software intercepts this request. The file could be an incoming email attachment, a file download, or any other file that the application is attempting to access.
2. File Sanitization: The intercepted file is then sanitized based on pre-configured policies. The sanitization process uses our proprietary "Positive Selective" technology. This technology dismantles the file, examines its individual components, and checks each piece against the configured policies.
3. Reconstruction: Only content that passes the examination is used to reconstruct the file. This guarantees that the reconstructed file is safe for use, containing only trusted elements from the original file. The reconstruction happens quickly, with sub-second performance, ensuring that there is no noticeable delay for the end user.
4. Delivery: Once the file is sanitized and reconstructed, it is passed back to the requesting application. This process is seamless, and the user can proceed with their tasks as if the file was never intercepted.
5. Telemetry: While the file data is processed locally and doesn't leave the user's device, anonymized telemetry data about the sanitization process is sent to the Bodyguard Platform. This information provides valuable insights into the performance and effectiveness of the CDR software.
6. Dashboard Reporting: This telemetry data is accessible via the Bodyguard Cloud Dashboard, providing metrics and reports about the sanitization process. These reports are crucial for maintaining the health and effectiveness of the CDR software. Optionally, the telemetry data can be accessed by external data aggregators if required.
7. Central Management: All the data flow, sanitization processes, and telemetry data can be centrally managed via the Bodyguard Partner Portal. This portal allows for efficient management of multiple clients, contributing to seamless operations and consistent security standards.
This data flow design ensures the highest level of security, privacy, and performance, allowing Bodyguard CDR software to provide robust protection without disrupting the user experience.