Forcepoint Trusted Gateway System enables safe and simultaneous multi-directional file movement between physically separated networks of varying security and classification levels. Trusted Gateway System specializes in the transfer of unstructured files, such as Microsoft Office and PDF files, facilitating critical information-sharing to the right people at the right time. Forcepoint’s secure information-sharing solutions have a proven track record of proactively preventing government agencies from being compromised, while fostering the secure and efficient access to and transfer of information. Trusted Gateway System solves the difficult problem of satisfying security needs while facilitating unstructured file sharing. It is designed to meet most, if not all, cross domain security best practices.
Trusted Gateway System can be configured for different scenarios based on customer requirements and individual site security policy. Regardless of the workflows or combinations instituted, file movement can occur to and from an unlimited number of approved networks. Any-to-any classification level transfer and multiple file transfer requests are supported:
• Two-Person Human Review/Reliable Human Review (RHR)
-The Producer role is responsible for assembling and submitting transfers (or jobs).
-The Releaser role is responsible for review and approval (release) of the transfer.
• Template-based Submit
-A web-based interface presents users with a predefined template of the file destination and releaser information.
-User drags and drops files into the application to perform all configured validations.
• Self-Release
-Approved users can create a job and send it to approved destinations in one step without requiring the two-person human review process.
-Users must be granted the Self-Release role. Additional permission granularity is available.
• Bulk Upload
-Users have the ability to transfer large quantities of files from low- to higher-level networks, machineto-machine.
-Direct file transfers are supported using Secure Copy Protocol (SCP) and Secure File Transfer Protocol (SFTP) from a configured network to the appropriate destination. Only configured hosts can access the input directory through SCP. All other connection attempts are denied.
-Users can copy/paste text or drag and drop files into the tool.
-An optional service can be included on a Microsoft Windows system (2000 or later) allowing users to maintain local input directories. This service monitors the local folder and automatically copies the file for processing. A right-click shortcut allows users to send files to defined destinations, which can be secure file transfer protocol (SFTP) servers or email addresses at permitted classification levels.
• Directory Transfer Service Option (DTSO)
-A secure mechanism is provided to transfer directories from a low to a high network.
-DTSO runs on Linux and Microsoft Windows servers.
-This service is able to watch one or more top level, or “root,” directories and transfers files placed in those directories to a high side server.
Forcepoint Trusted Gateway System:
• Eliminate sensitive file sharing inefficiencies (“sneakernet”) during mission-critical activities.
• Quickly and securely move unstructured files between and within classification levels.
• Inspect and sanitize files with a R.A.I.N (Redundant filters that are Always Invoked) compliant solution.
• Configure file transfer workflows based on site-specific requirements and policies.
• Comply with the U.S. Government’s Raise-the-Bar initiatives.
• Add functionality with Forcepoint Trusted Print Delivery and Trusted Mail System.
