ScrewDrivers Client Security

ScrewDrivers Endpoint/Scanning Client

ScrewDrivers Endpoint functions as a plug-in that uses virtual channels under Microsoft RDP, Citrix ICA, or VMware PCoIP protocols.  Our plug-in operates within the security layers of the host protocol.

All data sent by our plug-in to the server was in direct response to the server’s request for information over the virtual channel.  All data is checked for expected response data, type, and size.  Any data packet that was not expected is ignored and discarded.

When printing on the server, the print job data is in a proprietary TMF format that originates from our port monitor and is compressed (LZ4) before sending to the client.  For some small data packets, usually less than 16 bytes, compression may be skipped. This data contains the same data, type, and size information and any data packet that does not conform to expectations is ignored and discarded.

It is also important to note that data is never “executed” on either the client or server, it is always interpreted and converted into printing related data.  We never transfer files between client and server, only encoded printing data.

Reference articles Tricerat: The first diagram shows a typical client/server connection and the lines between client and server are the virtual channels described above.

Reference articles Citrix: