Techniques for performing malware scanning of files stored within a file storage device of a computer network
First Claim
1. A proxy device for performing malware scanning of files stored within a file storage device of a computer network, the computer network having a plurality of client devices ranged to issue access requests using a dedicated file access protocol to the file storage device in order to access files stored on the file storage device, the proxy device being arranged so as to intercept access requests issued to the file storage device, and comprising:
- a first interface for receiving an access request issued by one of said client devices to said file storage device using the dedicated file access protocol;
a second interface for communicating with the file storage device to cause the file storage device to process the access request;
processing logic for causing malware scanning algorithms to be executed to determine whether the file identified by the access request is to be considered as malware;
wherein the processing logic is responsive to configuration data to determine which of the malware scanning algorithms should be selected for a particular file, the proxy device further comprising a scanning engine to execute the malware scanning algorithms selected by the processing logic;
wherein each of the devices in the computer network is assigned an identifier, and the proxy device is assigned the same identifier as is assigned to the file storage device, the first interface being connectable to a communication infrastructure of the computer network to enable communication between the proxy device and said client devices, and the file storage device being connectable to the second interface such that the file storage device is only accessible by said client devices via said proxy device;
wherein the second interface is configured to enable a plurality of the file storage devices to be connected to the proxy device, each of the file storage devices having a different identifier, and the proxy device being assigned multiple identifiers corresponding to the identifiers of the connected file storage devices, the first interface being configured to receive any access requests issued to one of said connected file storage devices;
wherein, upon receipt of the access request from a client device, the processing logic is arranged to determine from the access request predetermined attributes, and to send those predetermined attributes to the file storage device to enable the file storage device to perform a validation check, the processing logic only allowing the access request to proceed if the file storage device confirms that the client device is allowed to access the file identified by the file access request;
wherein the plurality of client devices are allowed direct access to the file storage device if the proxy device fails.
11 Assignments
0 Petitions
Accused Products
Abstract
The present invention relates to a proxy device, computer program product and method for performing malware scanning of files stored within a file storage device of a computer network. The computer network has a plurality of client devices arranged to issue access requests using a dedicated file access protocol to the file storage device in order to access files stored on the file storage device, with the proxy device being arranged so as to intercept access requests issued to the file storage device. The proxy device comprises a first interface for receiving an access request issued by one of the client devices to the file storage device using the dedicated file access protocol, and a second interface for communicating with the file storage device to cause the file storage device to process the access request. Further, processing logic is provided for causing selected malware scanning algorithms to be executed to determine whether the file identified by the access request is to be considered as malware. This approach removes the dependency of the malware scanning process on the operating system and/or vendor of the file storage device.
-
Citations
28 Claims
-
1. A proxy device for performing malware scanning of files stored within a file storage device of a computer network, the computer network having a plurality of client devices ranged to issue access requests using a dedicated file access protocol to the file storage device in order to access files stored on the file storage device, the proxy device being arranged so as to intercept access requests issued to the file storage device, and comprising:
-
a first interface for receiving an access request issued by one of said client devices to said file storage device using the dedicated file access protocol; a second interface for communicating with the file storage device to cause the file storage device to process the access request; processing logic for causing malware scanning algorithms to be executed to determine whether the file identified by the access request is to be considered as malware; wherein the processing logic is responsive to configuration data to determine which of the malware scanning algorithms should be selected for a particular file, the proxy device further comprising a scanning engine to execute the malware scanning algorithms selected by the processing logic; wherein each of the devices in the computer network is assigned an identifier, and the proxy device is assigned the same identifier as is assigned to the file storage device, the first interface being connectable to a communication infrastructure of the computer network to enable communication between the proxy device and said client devices, and the file storage device being connectable to the second interface such that the file storage device is only accessible by said client devices via said proxy device; wherein the second interface is configured to enable a plurality of the file storage devices to be connected to the proxy device, each of the file storage devices having a different identifier, and the proxy device being assigned multiple identifiers corresponding to the identifiers of the connected file storage devices, the first interface being configured to receive any access requests issued to one of said connected file storage devices; wherein, upon receipt of the access request from a client device, the processing logic is arranged to determine from the access request predetermined attributes, and to send those predetermined attributes to the file storage device to enable the file storage device to perform a validation check, the processing logic only allowing the access request to proceed if the file storage device confirms that the client device is allowed to access the file identified by the file access request; wherein the plurality of client devices are allowed direct access to the file storage device if the proxy device fails. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13)
-
-
14. A method of operating a proxy device to perform malware scanning of files stored within a file storage device of a computer network, the computer network having a plurality of client devices arranged to issue access requests using a dedicated file access protocol to the file storage device in order to access files stored on the file storage device, the proxy device being arranged so as to intercept access requests issued to the file storage device, and the method comprising the steps of:
-
(a) receiving an access request issued by one of said client devices to said file storage device using the dedicated file access protocol; (b) communicating with the file storage device to cause the file storage device to process the access request; and (c) causing malware scanning algorithms to be executed to determine whether the file identified by the access request is to be considered as malware; wherein said step (c) comprises the steps of; responsive to configuration data, determining which of the malware scanning algorithms should be selected for a particular file; and employing a scanning engine to execute the malware scanning algorithms selected by said determining step; wherein each of the devices in the computer network is assigned an identifier, the proxy device being assigned a unique identifier different to the identifier of the file storage device, the method further comprising the steps of; connecting the client devices, the proxy device and the file storage device to a communication infrastructure of the computer network; configuring the client devices such that access requests issued by the client devices are routed to the proxy device; and
configuring the file storage device to send processed access requests to the proxy device;upon receipt of the access request from a client device, determining from the access request predetermined attributes;
sending those predetermined attributes to the file storage device to enable the file storage device to perform a validation check; andonly allowing the access request to proceed if the file storage device confirms that the client device is allowed to access the file identified by the file access request; wherein the plurality of client devices are allowed direct access to the file storage device if the proxy device fails. - View Dependent Claims (15, 16, 17, 18, 19, 20, 21)
-
-
22. A computer program product operable to configure a proxy device to perform a method of malware scanning of files stored within a file storage device of a computer network, the computer network having a plurality of client devices arranged to issue access requests using a dedicated file access protocol to the file storage device in order to access files stored on the file storage device, the proxy device being arranged so as to intercept access requests issued to the file storage device, and the computer program product comprising:
-
(a) reception code operable to receive an access request issued by one of said client devices to said file storage device using the dedicated file access protocol; (b) communication code operable to communicate with the file storage device to cause the file storage device to process the access request; and (c) algorithm invoking code operable to cause malware scanning algorithms to be executed to determine whether the file identified by the access request is to be considered as malware; wherein said algorithm invoking code is operable to determine, responsive to configuration data, which of the malware scanning algorithms should be selected for a particular file, and the computer program product further comprises scanning engine code responsive to said algorithm invoking code and operable to execute the malware scanning algorithms selected by said algorithm invoking code; wherein each of the devices in the computer network is assigned an identifier, the proxy device being assigned a unique identifier different to the identifier of the file storage device, the client devices, the proxy device and the file storage device being connectable to a communication infrastructure of the computer network, the client devices being configured such that access requests issued by the client devices are routed to the proxy device, and the file storage device being configured to send processed access requests to the proxy device; wherein said reception code is operable, upon receipt of the access request from a client device, to determine from the access request predetermined attributes, the communication code being operable to send those predetermined attributes to the file storage device to enable the file storage device to perform a validation check, the access request only being allowed to proceed if the file storage device confirms that the client device is allowed to access the file identified by the file access request; wherein the plurality of client devices are allowed direct access to the file storage device if the proxy device fails. - View Dependent Claims (23, 24, 25, 26, 27, 28)
-
Specification