Policy-based content filtering

  • US 8,656,479 B2
  • Filed: 06/18/2012
  • Issued: 02/18/2014
  • Est. Priority Date: 11/22/2005
  • Status: Active Grant
First Claim

1. A computer-implemented method for processing application-level content of network service protocols, the method comprising:

  • redirecting a first network connection associated with a first network service protocol, by a networking subsystem implemented within a kernel of an operating system of a firewall device, to a first proxy module of a plurality of proxy modules within the firewall device that is configured to support the first network service protocol, wherein at least two of the plurality of proxy modules are configured to support different network service protocols;

    retrieving, by the first proxy module, one or more content processing configuration schemes associated with a matching firewall policy for the first network service protocol and the first network connection; and

    processing, by the first proxy module, application-level content of a packet stream associated with the network connection by:

    reassembling the application-level content from a plurality of packets of the packet stream; and

    scanning the application-level content based on the retrieved one or more content processing configuration schemes.
