Desktop Security for FlexNet Publisher®

Security for Licensed Managed Applications


Point-click protection for FlexNet applications

GuardIT for FlexNet Publisher® has been developed by software-protection leader Arxan Technologies, in conjunction with a leader in license management, Flexera Software, to provide intricate and layered protection that mitigates license management piracy and tampering.

Flexera Software’s FlexNet Publisher’s license management policies specialize in enabling the specification, enforcement and tracking of software usage. One of the most common attacks on software applications today is to circumvent or defeat the license management policies of a software application using Binary Code Modification. Hackers modify the binaries of an application to bypass license management and to launch wide scale software piracy.


Arxan’s Solution for FlexNet Applications
GuardIT for FlexNet Publisher is specifically designed to thwart binary level attacks by protecting FlexNet libraries and application calls to the FlexNet libraries. This deep level of protection for both FlexNet libraries and application calls provides companies strong security against software piracy. GuardIT for FlexNet Publisher is easy-to-use and can be deployed as a seamless part of the build process due to its command line implementation capability.

Similar to the other products in the GuardIT family, GuardIT for FlexNet Publisher is based on patented Guard technology. However, unique to GuardIT for FlexNet Publisher, are a predefined and specific set of FlexNet Publisher protection Guards that are used to constitute a Guard protection network. The Guard network is embedded in a pre-configured and customizable GuardSpec® that defines the security design. FlexNet Publisher customers will realize increased security and efficient time-to-deployment with this unique ability to seamlessly incorporate GuardIT for FlexNet Publisher into their build process.

Core Features

  • Command line interface to integrate into build environment
  • Fast, automated diversification to prevent BORE exploits
  • A variety of randomization parameters leverage for additional security
  • Authorized debugging of protected application
  • Pre-configured and easy-to-use security
  • Ability for users to directly edit and optimize GuardSpec to fine-tune protection coverage and performance

Guards at work to protect FlexNet 24/7:

GuardIT leverages thousands of guard instances, of many types, to comprehensively safeguard your applications against tampering, piracy and any manner of theft. The following table summarizes the types of Guards for FlexNet:

The functions performed by each of these Guards is described below:

Class of Defense Guard Type Function
DEFEND Obfuscation Transforms programs into code that’s difficult to disassemble and understand, but has the same functionality as the original
Repair Controls whether a repair Guard overwrites it’s protected range with fake code and, if so, whether at protection time or each time the guard runs
Encryption Keeps code encrypted on disk to prevent reverse-engineering, and securely decrypts at run-time
DETECT Debugger Detection Detects whether a program has been executing in a debugging environment
Checksum Detects whether a program has been modified by computing checksum within a specified range
Value-Verification Mini Guard that combines a 4-byte expected value to runtime value within an image to detect change
Authentication Detects modification code from one executable to another executable
REACT Repair Self-repairs any damaged or tampered code/data

 


The following exhibit summarizes the process of transforming unprotected application into a protected application using GuardIT® for FlexNet:

GuardIT_for_FlexNet_Protection_Process