Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

ScrewDrivers Endpoint/Scanning and Security

 

ScrewDrivers Endpoint/Scanning Client

ScrewDrivers Endpoint functions as a plug-in that uses virtual channels under Microsoft RDP, Citrix ICA, or VMware PCoIP protocols.  Our plug-in operates within the security layers of the host protocol.

All data sent by our plug-in to the server was in direct response to the server’s request for information over the virtual channel.  All data is checked for expected response data, type, and size.  Any data packet that was not expected is ignored and discarded.

When printing on the server, the print job data is in a proprietary format that originates from our port monitor and usually compressed before sending to the client.  This data contains the same data, type, and size information and any data packet that does not conform to expectations is ignored and discarded.

It is also important to note that data is never “executed” on either the client or server, it is always interpreted and converted into printing related data.  We never transfer files between client and server, only encoded printing data.

Reference articles Tricerat:

https://www.tricerat.com/blog/screwdrivers-diagrams The first diagram shows a typical client/server connection and the lines between client and server are the virtual channels described above.

Reference articles Citrix:

https://docs.citrix.com/en-us/citrix-virtual-apps-desktops-service/secure.html

https://www.citrix.com/content/dam/citrix/en_us/documents/white-paper/end-to-end-encryption-with-xenapp-and-xendesktop.pdf

https://docs.citrix.com/en-us/citrix-virtual-apps-desktops/technical-overview/virtual-channels.html#security-and-ica-virtual-channels

 

  • No labels