Security for Licensed Managed Applications
Point-click protection for FlexNet applications
GuardIT for FlexNet Publisher® has been developed by software-protection leader Arxan Technologies, in conjunction with a leader in license management, Flexera Software, to provide intricate and layered protection that mitigates license management piracy and tampering.
Flexera Software’s FlexNet Publisher’s license management policies specialize in enabling the specification, enforcement and tracking of software usage. One of the most common attacks on software applications today is to circumvent or defeat the license management policies of a software application using Binary Code Modification. Hackers modify the binaries of an application to bypass license management and to launch wide scale software piracy.
Arxan’s Solution for FlexNet Applications
GuardIT for FlexNet Publisher is specifically designed to thwart binary level attacks by protecting FlexNet libraries and application calls to the FlexNet libraries. This deep level of protection for both FlexNet libraries and application calls provides companies strong security against software piracy. GuardIT for FlexNet Publisher is easy-to-use and can be deployed as a seamless part of the build process due to its command line implementation capability.
Similar to the other products in the GuardIT family, GuardIT for FlexNet Publisher is based on patented Guard technology. However, unique to GuardIT for FlexNet Publisher, are a predefined and specific set of FlexNet Publisher protection Guards that are used to constitute a Guard protection network. The Guard network is embedded in a pre-configured and customizable GuardSpec® that defines the security design. FlexNet Publisher customers will realize increased security and efficient time-to-deployment with this unique ability to seamlessly incorporate GuardIT for FlexNet Publisher into their build process.
- Command line interface to integrate into build environment
- Fast, automated diversification to prevent BORE exploits
- A variety of randomization parameters leverage for additional security
- Authorized debugging of protected application
- Pre-configured and easy-to-use security
- Ability for users to directly edit and optimize GuardSpec to fine-tune protection coverage and performance
Guards at work to protect FlexNet 24/7:
GuardIT leverages thousands of guard instances, of many types, to comprehensively safeguard your applications against tampering, piracy and any manner of theft. The following table summarizes the types of Guards for FlexNet:
The functions performed by each of these Guards is described below:
|Class of Defense||Guard Type||Function|
|DEFEND||Obfuscation||Transforms programs into code that’s difficult to disassemble and understand, but has the same functionality as the original|
|Repair||Controls whether a repair Guard overwrites it’s protected range with fake code and, if so, whether at protection time or each time the guard runs|
|Encryption||Keeps code encrypted on disk to prevent reverse-engineering, and securely decrypts at run-time|
|DETECT||Debugger Detection||Detects whether a program has been executing in a debugging environment|
|Checksum||Detects whether a program has been modified by computing checksum within a specified range|
|Value-Verification||Mini Guard that combines a 4-byte expected value to runtime value within an image to detect change|
|Authentication||Detects modification code from one executable to another executable|
|REACT||Repair||Self-repairs any damaged or tampered code/data|
The following exhibit summarizes the process of transforming unprotected application into a protected application using GuardIT® for FlexNet: