Content filtering of remote file-system access protocols
First Claim
1. A method comprising:
- monitoring, by a proxy implemented within a network gateway device of a private network, remote file-system access protocol sessions involving one or more of a plurality of client computer systems and a server computer system associated with the private network; and
for each file of a plurality of files on a share of the server computer system being accessed by one or more of the plurality of client computer systems;
creating, by the proxy, a shared holding buffer corresponding to the file within a shared memory of the network gateway device that is accessible to a plurality of processes running within the network gateway device;
buffering, by the proxy, into the shared holding buffer data being read from or written to the file by the monitored remote file-system access protocol sessions; and
responsive to a predetermined event, determining, by the proxy, whether malicious, dangerous or unauthorized content is contained within the shared holding buffer by performing content filtering on the shared holding buffer.
0 Assignments
0 Petitions
Accused Products
Abstract
Methods and systems for content filtering of remote file-system access protocols are provided. According to one embodiment, a proxy, implemented within a network gateway device of a private network, monitors remote file-system access protocol sessions involving client computer systems and a server computer system associated with the private network. For each file on a share of the server computer system being accessed by one or more of the client computer systems: (i) a shared holding buffer corresponding to the file is created within a shared memory of the network gateway device; (ii) data being read from or written to the file by the monitored remote file-system access protocol sessions is buffered into the shared holding buffer; and (iii) responsive to a predetermined event, content filtering is performed on the shared holding buffer to determine whether malicious, dangerous or unauthorized content is contained within the shared holding buffer.
-
Citations
14 Claims
-
1. A method comprising:
-
monitoring, by a proxy implemented within a network gateway device of a private network, remote file-system access protocol sessions involving one or more of a plurality of client computer systems and a server computer system associated with the private network; and for each file of a plurality of files on a share of the server computer system being accessed by one or more of the plurality of client computer systems; creating, by the proxy, a shared holding buffer corresponding to the file within a shared memory of the network gateway device that is accessible to a plurality of processes running within the network gateway device; buffering, by the proxy, into the shared holding buffer data being read from or written to the file by the monitored remote file-system access protocol sessions; and responsive to a predetermined event, determining, by the proxy, whether malicious, dangerous or unauthorized content is contained within the shared holding buffer by performing content filtering on the shared holding buffer. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A non-transitory computer-readable storage medium embodying a set of instructions, which when executed by one or more processors of a network gateway device, logically interposed between a plurality of client computer systems associated with a private network and a server computer system associated with the private network, cause a proxy implemented within the network gateway device to perform a method comprising:
-
monitoring remote file-system access protocol sessions involving one or more of the plurality of client computer systems and the server computer system; and for each file of a plurality of files on a share of the server computer system being accessed by one or more of the plurality of client computer systems; creating a shared holding buffer corresponding to the file within a shared memory of the network gateway device that is accessible to a plurality of processes running within the network gateway device; buffering into the shared holding buffer data being read from or written to the file by the monitored remote file-system access protocol sessions; and responsive to a predetermined event, determining whether malicious, dangerous or unauthorized content is contained within the shared holding buffer by performing content filtering on the shared holding buffer. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
Specification