• US 20110225646A1
  • Filed: 05/24/2011
  • Published: 09/15/2011
  • Est. Priority Date: 11/22/2005
  • Status: Active Grant
  • ×
    • Pin
First Claim
Patent Images

1. A computer-implemented method for processing application-level content of network service protocols, the method comprising:

  • redirecting a network connection, by a networking subsystem implemented within a kernel of an operating system of a firewall device, to a proxy module of one or more proxy modules within the firewall device that is configured to support a network service protocol associated with the network connection;

    retrieving, by the proxy module, one or more content processing configuration schemes associated with a matching firewall policy for the network service protocol and the network connection, the one or more content processing configuration schemes each including a plurality of content processing configuration settings for each of one or more network service protocols; and

    processing, by the proxy module, application-level content of a packet stream associated with the network connection byreassembling the application-level content from a plurality of packets of the packet stream; and

    scanning the application-level content based on the retrieved one or more content processing configuration schemes.

View all claims

    Thank you for your feedback