Network managed antivirus appliance
First Claim
1. An apparatus comprising:
- at least one processor;
- at least one device port or drive configured to communicatively receive connection of a portable data storage medium to the apparatus;
- a network interface; and
- at least one memory storing computer readable instructions that, when executed, cause the apparatus to:
  - receive at least one of operating system software and antivirus software from a device management server over a set of one or more predetermined network ports;
  - identify a direct attachment of a portable storage medium via the at least one device port or drive;
  - scan a plurality of files stored on the attached portable storage medium using software installed on the apparatus;
  - receive, via a user interface on the apparatus, user input specifying a user rights assignment for a first file on the attached portable storage medium;
  - assign the user rights assignment to the first file by transmitting data identifying the user rights assignment for the first file to the device management server via the network interface, wherein the first file on the attached portable storage medium is not modified, and wherein the first file is not transmitted to the device management server with the data identifying the user rights assignment; and
  - transmit results of the scan of the plurality of files over the set of predetermined network ports to the device management server,
wherein the memory stores an operating system in which communication to and from the apparatus through one or more network ports, other than the set of predetermined network ports used to receive software from the device management server and transmit scan results to the device management server, is disabled or not supported.
Abstract
Data can be scanned using a network managed appliance. The network managed appliance may integrate commercial hardware elements connected through a basic or simplified operating system environment expressly developed for the appliance, thus being more malware resistant and less vulnerable to attacks from the scanned data or other sources. The network managed appliance may be a self-contained apparatus with an integrated chassis, designed and configured as a “single-purpose” device. Such appliances may be connected to an appliance management network including central management servers in communication with appliances in remote locations. The central management servers may ensure that scanning software and the definitions lists for each of the appliances are current and match an enterprise-approved configuration.
19 Claims
1. An apparatus comprising:
- at least one processor;
- at least one device port or drive configured to communicatively receive connection of a portable data storage medium to the apparatus;
- a network interface; and
- at least one memory storing computer readable instructions that, when executed, cause the apparatus to:
  - receive at least one of operating system software and antivirus software from a device management server over a set of one or more predetermined network ports;
  - identify a direct attachment of a portable storage medium via the at least one device port or drive;
  - scan a plurality of files stored on the attached portable storage medium using software installed on the apparatus;
  - receive, via a user interface on the apparatus, user input specifying a user rights assignment for a first file on the attached portable storage medium;
  - assign the user rights assignment to the first file by transmitting data identifying the user rights assignment for the first file to the device management server via the network interface, wherein the first file on the attached portable storage medium is not modified, and wherein the first file is not transmitted to the device management server with the data identifying the user rights assignment; and
  - transmit results of the scan of the plurality of files over the set of predetermined network ports to the device management server,
wherein the memory stores an operating system in which communication to and from the apparatus through one or more network ports, other than the set of predetermined network ports used to receive software from the device management server and transmit scan results to the device management server, is disabled or not supported.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12
13. An apparatus comprising:
- at least one processor;
- at least one device port or drive configured to receive connection of a portable storage medium to the apparatus;
- a network interface; and
- at least one memory storing an operating system configured to screen for vulnerabilities to viruses and malware, the at least one memory storing computer readable instructions that, when executed, cause the apparatus to:
  - receive scanning software from a device management server over a set of one or more predetermined network ports;
  - receive a plurality of data files via the at least one device port or drive;
  - scan the plurality of data files using the scanning software;
  - receive, via a user interface on the apparatus, user input specifying a user rights assignment for a first scanned data file in the plurality of data files;
  - assign the user rights assignment to the first scanned data file by transmitting data identifying the user rights assignment for the first scanned data file to the device management server over the set of predetermined network ports, wherein the first scanned data file is not modified, and wherein the first scanned data file is not transmitted to the device management server with the data identifying the user rights assignment;
  - transmit results of the scan of the plurality of files over the set of predetermined network ports to the device management server;
  - determine, based on the scan, that the first scanned data file includes secure content, and that a second scanned data file does not include secure content;
  - enforce a requirement that the first scanned data file but not the second scanned data file must be encrypted before it is transferred, based on the determination that the first scanned data file includes secure content and the second scanned data file does not include secure content; and
  - allow a requested transfer of the first and second scanned data files, only after encryption of the first scanned data file,
wherein the memory stores an operating system in which communication to and from the apparatus through one or more network ports, other than the set of predetermined network ports used to receive scanning software from the device management server and transmit scan results to the device management server, is disabled or not supported.
Dependent claims: 14, 15, 16, 17
18. A system, comprising:
- an antivirus appliance management server, comprising:
  - at least one processor;
  - at least one memory device; and
  - at least one network interface,
  wherein the antivirus appliance management server is configured to receive and analyze a plurality of file lists from managed antivirus appliances, each said file list including a set of file properties and virus scan results for a plurality of files scanned by a managed antivirus appliance, and
- a plurality of managed antivirus appliances, each managed antivirus appliance comprising:
  - at least one processor;
  - at least one device port or drive configured to communicatively receive connection of a portable data storage medium to the managed antivirus appliance;
  - a network interface; and
  - at least one memory storing an operating system configured to screen for vulnerabilities to viruses and malware, the at least one memory storing computer readable instructions that, when executed, cause the managed antivirus appliance to:
    - receive at least one of operating system software and antivirus software from the antivirus appliance management server over a set of one or more predetermined network ports;
    - identify a direct attachment of a portable storage medium via the at least one device port or drive;
    - scan a plurality of files stored on the attached portable storage medium using software installed on the managed antivirus appliance;
    - create a list corresponding to the plurality of scanned files, the list including results of the scan and one or more file properties for each of the plurality of scanned files; and
    - transmit the list corresponding to the plurality of scanned files over the set of predetermined network ports to the antivirus appliance management server,
    - receive, via a user interface on the managed antivirus appliance, user input specifying a user rights assignment for a first scanned data file in the plurality of scanned files; and
    - assign the user rights assignment to the first scanned data file by transmitting data identifying the user rights assignment for the first scanned data file to the antivirus appliance management server over the set of predetermined network ports, wherein the first scanned data file is not modified, and wherein the first scanned data file is not transmitted to the antivirus appliance management server with the data identifying the user rights assignment; and
    - transmit results of the scan of the plurality of files over the set of predetermined network ports to the antivirus appliance management server;
wherein the operating system of each managed antivirus appliance is configured to disable or not support communication to and from the managed antivirus appliance through one or more network ports, other than the set of predetermined network ports used to receive software from the antivirus appliance management server and transmit scan results to the antivirus appliance management server.
Dependent claims: 19
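Added example (not part of the patent text or any product implementing it): a sketch of the appliance-side reporting described in claims 1 and 18, where the scan list and the user rights assignment travel to the management server as metadata only, and the scanned file is neither modified nor transmitted. The field names, the signature table and the "read-only" rights value are assumptions made for illustration.

```python
import hashlib
import json
import os
import tempfile

# Constructed stand-in for a signature database (assumption); a real appliance
# would call the antivirus engine it received from the management server.
CONSTRUCTED_SIGNATURES = {b"CONSTRUCTED-TEST-SIGNATURE": "Test.Marker"}


def scan_medium(mount_point):
    """Read-only walk of the attached medium; returns the per-file list."""
    entries = []
    for folder, _dirs, names in os.walk(mount_point):
        for name in sorted(names):
            path = os.path.join(folder, name)
            with open(path, "rb") as handle:  # opened read-only, never written
                data = handle.read()
            hit = next((label for sig, label in CONSTRUCTED_SIGNATURES.items()
                        if sig in data), None)
            entries.append({
                "path": os.path.relpath(path, mount_point),
                "size": len(data),
                "sha256": hashlib.sha256(data).hexdigest(),
                "result": "infected" if hit else "clean",
                "detection": hit,
            })
    return entries


def rights_assignment(entry, rights):
    """Metadata-only record: identifies the file by hash, carries no content."""
    return {"sha256": entry["sha256"], "path": entry["path"], "rights": rights}


def build_report(mount_point, assignments):
    """Serialize the scan list plus rights records for the management server."""
    entries = scan_medium(mount_point)
    by_path = {e["path"]: e for e in entries}
    records = [rights_assignment(by_path[p], r) for p, r in assignments.items()]
    return json.dumps({"files": entries, "rights": records}, sort_keys=True)


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as medium:  # constructed sample medium
        with open(os.path.join(medium, "report.txt"), "wb") as f:
            f.write(b"quarterly figures")
        with open(os.path.join(medium, "tool.bin"), "wb") as f:
            f.write(b"\x00CONSTRUCTED-TEST-SIGNATURE\x00")
        print(build_report(medium, {"report.txt": "read-only"}))
```

Because the rights record is bound to the file's SHA-256 rather than to its path alone, the server side can detect when a later copy of the "same" file no longer matches the content the user assigned rights to.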
Specification