Clearswift — Filecatalyst

Maximizing Speed and Security: The Clearswift and FileCatalyst Integration

• Sending production data to vendors
• Receiving logs from field offices
• Sharing time-sensitive media or engineering files

Use Cases and Market Position

Configuration tips & best practices

• Use FileCatalyst Relay in DMZ to reduce direct exposure of internal servers.
• Apply ClearSwift scanning as a pre-receive check to stop malicious/sensitive files before they reach internal storages.
• Whitelist trusted sender IPs and sign transfers where possible.
• Enforce file type restrictions and size thresholds to limit attack surface.
• Use rate limits and transfer quotas per user/group.
• Maintain AV engine updates and periodic sandbox rule updates.
• Retain logs for compliance periods; push to SIEM for correlation and alerts.
• Test failover and disaster recovery of relay and inspection appliances.

• Problem: Clearswift sees a high-volume UDP stream and classifies it as a DDoS attack.
• Solution: Create a specific DLP exception rule: "Source IP = FileCatalyst Server" AND "Dest Port = 60000-61000" = Permit.

The Trigger: A user or automated system initiates a massive file transfer via FileCatalyst. clearswift filecatalyst

When integrated, Clearswift FileCatalyst allows organizations to move terabytes of data across the globe at wire speed while simultaneously performing deep content disarm and reconstruction (CDR) and data loss prevention (DLP) checks. Sending production data to vendors Receiving logs from