Content filtering of remote file-system access protocols
First Claim
1. A method comprising:
- receiving, at a network device, logically interposed between one or more clients and a server, a remote file-system access protocol response from the server, the remote file-system access protocol response representing a response to a remote file-system access protocol request relating to a file associated with a share of the server sent from a client of the one or more clients;
when the remote file-system access protocol request represents a request to access the file, then determining, by the network device, whether a holding buffer exists on the network device corresponding to the file;
when a result of said determining is negative, then creating, by the network device, the holding buffer on the network device;
when the result of said determining is affirmative, then using, by the network device, the holding buffer for any of the one or more clients or processes running on the one or more clients that access the file;
buffering, by the network device, into the holding buffer data being read from or written to the file as a result of the remote file-system access protocol request; and
determining, by the network device, the existence or non-existence of malicious, dangerous or unauthorized content contained within the holding buffer by performing content filtering on the holding buffer.
0 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for content filtering of remote file-system access protocols are provided. According to one embodiment, a remote file-system access protocol response is received at a network device logically interposed between one or more clients and a server. The response represents a response to a request from one of the clients relating to a file associated with a share of the server. A determination is made whether a holding buffer corresponding to the file exists. If not, then one is created; otherwise, the existing holding buffer is used for any of the clients or processes running on the clients that access the file. Data read from or written to the file as a result of the request is buffered into the holding buffer. The existence or non-existence of malicious, dangerous or unauthorized content contained within the holding buffer is determined by performing content filtering on the holding buffer.
21 Citations
20 Claims
-
1. A method comprising:
-
receiving, at a network device, logically interposed between one or more clients and a server, a remote file-system access protocol response from the server, the remote file-system access protocol response representing a response to a remote file-system access protocol request relating to a file associated with a share of the server sent from a client of the one or more clients; when the remote file-system access protocol request represents a request to access the file, then determining, by the network device, whether a holding buffer exists on the network device corresponding to the file; when a result of said determining is negative, then creating, by the network device, the holding buffer on the network device; when the result of said determining is affirmative, then using, by the network device, the holding buffer for any of the one or more clients or processes running on the one or more clients that access the file; buffering, by the network device, into the holding buffer data being read from or written to the file as a result of the remote file-system access protocol request; and determining, by the network device, the existence or non-existence of malicious, dangerous or unauthorized content contained within the holding buffer by performing content filtering on the holding buffer. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A network device comprising:
-
a memory having stored therein one or more routines; one or more processors configured to perform a method of handling remote file-system access protocol requests issued by one or more clients to a server by executing the one or more routines, wherein the method comprises; receiving a remote file-system access protocol response from the server, the remote file-system access protocol response representing a response to a remote file-system access protocol request for access to a file associated with a share of the server sent from a client of the one or more clients; when the remote-file system access protocol request represents a request to access the file, then determining whether a holding buffer exists on the network device corresponding to the file; when the holding buffer does not exist, then creating the holding buffer on the network device; when the holding buffer does exist, then using the holding buffer for any of the one or more clients or processes running on the one or more clients that access the file; buffering into the holding buffer data being read from or written to the file as a result of the remote file-system access protocol request; and determining the existence or non-existence of malicious, dangerous or unauthorized content contained within the holding buffer by performing content filtering on the holding buffer. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
-
Specification