Integrating anti-virus in a clustered storage system

US 9,208,291 B1
Filed: 10/11/2012
Issued: 12/08/2015
Est. Priority Date: 04/30/2008
Status: Active Grant

First Claim

Patent Images

1. A method for scanning data for viruses, the method comprising:

receiving, from a client device, a request for data stored in a clustered storage system, the clustered storage system including a plurality of virtual servers and a plurality of nodes that are interconnected with each other over one or more networks;

identifying a virtual server from the plurality of virtual servers based on a location where the data is stored in the clustered storage system;

retrieving on-access policy information associated with the identified virtual server and the location of the data in response to receiving the request for the data;

accessing one or more predetermined criterion specified by the on-access policy information;

determining that the data is to be scanned for viruses based on the one or more predetermined criterion; and

scanning the data for viruses using third party software components that are provided by a third party vendor.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for integrating anti-virus in a clustered storage system. A clustered storage system provides anti-virus scanning with third-party software components. Specifically, the clustered storage system receives a request for data from a client, identifies the data requires scanning and scans the data for viruses with third party software components that have been previously provided by any one of a number of third party software vendors.

16 Citations

23 Claims

1. A method for scanning data for viruses, the method comprising:
- receiving, from a client device, a request for data stored in a clustered storage system, the clustered storage system including a plurality of virtual servers and a plurality of nodes that are interconnected with each other over one or more networks;
  
  identifying a virtual server from the plurality of virtual servers based on a location where the data is stored in the clustered storage system;
  
  retrieving on-access policy information associated with the identified virtual server and the location of the data in response to receiving the request for the data;
  
  accessing one or more predetermined criterion specified by the on-access policy information;
  
  determining that the data is to be scanned for viruses based on the one or more predetermined criterion; and
  
  scanning the data for viruses using third party software components that are provided by a third party vendor.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, further comprising:
    - generating a scan flag based on determining that the data is to be scanned for viruses; and
      
      generating one or more parameters that indicate a type of request for the data, the type of request corresponding to a read request or a write request;
      
      wherein scanning the data for viruses is based on the one or more parameters.
  - 3. The method of claim 1, wherein receiving the request for the data includes receiving a request, over the one or more networks, to access a file that includes the data.
  - 4. The method of claim 3, wherein the one or more predetermined criterion specifies that the data is to be scanned for viruses when the file that includes the data is stored in a predetermined file directory.
  - 5. The method of claim 3, wherein the one or more predetermined criterion specifies that the data is to be scanned for viruses based on a protocol in which the request to access the file is received, and wherein the protocol corresponds to either a common internet file system (CIFS) protocol or a network file system (NFS) protocol.
  - 6. The method of claim 3, wherein the one or more predetermined criterion specifies that the data is to be scanned for viruses when the file has execute permissions set for one or more permissions groups.
  - 7. The method of claim 1, wherein the one or more predetermined criterion is configurable by a user.
  - 8. The method of claim 1, further comprising:
    - generating a plurality of attributes based on scanning the data for viruses, wherein the plurality of attributes includes a scan status and a version identifier that identifies a version of the third party software components.
  - 9. The method of claim 1, further comprising:
    - receiving an updated version of one or more of the third party software components from the third party vendor, the one or more of the third party software components being used for the scanning the data for viruses.
  - 10. The method of claim 9, wherein the updated version of the one or more third party software components includes an anti-virus scan engine and anti-virus definitions that are associated with a version identifier.

11. A computing device comprising:
- a network interface to enable the computing device to communicate with one or more other devices of a clustered storage system;
  
  a memory resource storing instructions; and
  
  at least one processor coupled to the network interface and the memory resource, the at least one processor to execute the instructions to perform operations comprising;
  
  receiving, from a client device via the network interface, a request for data stored in the clustered storage system including a plurality of virtual servers;
  
  identifying a virtual server from the plurality of virtual servers based on a location where the data is stored in the clustered storage system;
  
  retrieving on-access policy information associated with the identified virtual server and the location of the data in response to receiving the request for the data;
  
  accessing one or more predetermined criterion specified by the on-access policy information;
  
  determining that the data is to be scanned for viruses based on the one or more predetermined criterion; and
  
  scanning the data for viruses, the scan using third party software components that are provided by a third party vendor.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18, 19, 20)
- - 12. The computing device of claim 11, wherein the at least one processor executes the instructions to further perform operations comprising:
    - generating a scan flag based on determining that the data is to be scanned for viruses; and
      
      generating one or more parameters that indicate a type of request for the data, the type of request corresponding to a read request or a write request;
      
      wherein scanning the data for viruses is based on the one or more parameters.
  - 13. The computing device of claim 11, wherein the request corresponds to a request to access a file that includes the data.
  - 14. The computing device of claim 13, wherein the one or more predetermined criterion specifies that the data is to be scanned for viruses when the file that includes the data is stored in a predetermined file directory.
  - 15. The computing device of claim 13, wherein the one or more predetermined criterion specifies that the data is to be scanned for viruses based on a protocol in which the request to access the file is received, and wherein the protocol corresponds to either a common internet file system (CIFS) protocol or a network file system (NFS)protocol.
  - 16. The computing device of claim 13, wherein the one or more predetermined criterion specifies that the data is to be scanned for viruses when the file has execute permissions set for one or more permissions groups.
  - 17. The computing device of claim 11, wherein the one or more predetermined criterion is configurable by a user.
  - 18. The computing device of claim 11, wherein the at least one processor executes the instructions to further perform operations comprising:
    - generating a scan status based on scanning the data; and
      
      storing the scan status with an anti-virus version identifier that identifies the third party software components.
  - 19. The computing device of claim 11, wherein the at least one processor executes the instructions to further perform operations comprising:
    - receiving an updated version of one or more of the third party software components from the third party vendor, the one or more of the third party software components being used for the scanning the data for viruses.
  - 20. The clustered storage system of claim 19, wherein the updated version of the one or more third party software components includes an anti-virus scan engine and anti-virus definitions that are associated with a version identifier.

21. A non-transitory computer-readable medium storing instructions that, when executed by one or more processors, causes the one or more processors to perform operations comprising:
- receiving, from a client device, a request for data stored in a clustered storage system, the clustered storage system including a plurality of virtual servers and a plurality of nodes that are interconnected with each other over one or more networks;
  
  identifying a virtual server from the plurality of virtual servers based on a location where the data is stored in the clustered storage system;
  
  retrieving on-access policy information associated with the identified virtual server and the location of the data in response to receiving the request for the data;
  
  accessing one or more predetermined criterion specified by the on-access policy information;
  
  determining that the data is to be scanned for viruses based on the one or more predetermined criterion; and
  
  scanning the data for viruses using third party software components that are provided by a third party vendor.
- View Dependent Claims (22, 23)
- - 22. The non-transitory computer-readable medium of claim 21, wherein the request corresponds to a request to access a file that includes the data, and wherein the one or more predetermined criterion specifies that the data is to be scanned for viruses when the file that includes the data is stored in a predetermined file directory.
  - 23. The non-transitory computer-readable medium of claim 21, wherein the request corresponds to a request to access a file that includes the data, wherein the one or more predetermined criterion specifies that the data is to be scanned for viruses based on a protocol in which the request to access the file is received, and wherein the protocol corresponds to either a common internet file system (CIFS) protocol or a network file system (NFS) protocol.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
NetApp, Inc.
Original Assignee
NetApp, Inc.
Inventors
Dongre, Rommel, Cnudde, Isabelle
Primary Examiner(s)
Colin, Carl
Assistant Examiner(s)
Lavelle, Gary

Application Number

US13/649,867
Time in Patent Office

1,153 Days
Field of Search

726 22- 25, 726/29, 713/152, 713/153, 380/255, 380/257
US Class Current

1/1
CPC Class Codes

G06F 11/30   Monitoring

G06F 11/3006   where the computing system ...

G06F 11/301   where the computing system ...

G06F 2009/45587   Isolation or security of vi...

G06F 21/00   Security arrangements for p...

G06F 21/56   Computer malware detection ...

G06F 21/564   by virus signature recognition

G06F 21/566   Dynamic detection, i.e. det...

G06F 3/0623   in relation to content

G06F 3/0664   at device level, e.g. emula...

G06F 3/067   Distributed or networked st...

H04L 63/0218   Distributed architectures, ...

H04L 63/1416   Event detection, e.g. attac...

H04L 63/145   the attack involving the pr...

H04L 63/20   for managing network securi...

H04L 67/10   in which an application is ...

H04L 67/1097   for distributed storage of ...

H04W 12/08   Access security

Integrating anti-virus in a clustered storage system

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

16 Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

Integrating anti-virus in a clustered storage system

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

16 Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links