Computerized system and method for advanced network content processing
First Claim
1. A computer-implemented method comprising:
- receiving network traffic at a first interface of a network security device implementing firewall functionality;
- identifying, by the network security device, a first transmission protocol according to which a first subset of packets of the network traffic is formatted;
- redirecting, by the network security device, the first subset of packets to a first proxy module executing on the network security device based on the identified first transmission protocol;
- extracting first network content from the first subset of packets and buffering at least a portion of the first network content by the first proxy module;
- processing, by a plurality of scanning engines implemented within the first proxy module, the buffered portion of the first network content in accordance with a plurality of content processing rules selected from a rule definition store based on a first set of network traffic selectors associated with the first subset of packets;
- identifying, by the network security device, a second transmission protocol, distinct from the first transmission protocol, according to which a second subset of packets of the network traffic is formatted;
- redirecting, by the network security device, the second subset of packets to a second proxy module executing on the network security device based on the identified second transmission protocol;
- extracting second network content from the second subset of packets and buffering at least a portion of the second network content by the second proxy module; and
- processing, by a plurality of scanning engines implemented within the second proxy module, the buffered portion of the second network content in accordance with a plurality of content processing rules selected from the rule definition store based on a second set of network traffic selectors associated with the second subset of packets.
Abstract
A computerized system and method for processing network content in accordance with at least one content processing rule is provided. According to one embodiment, the network content is received at a first interface. A transmission protocol according to which the received network content is formatted is identified and used to intercept at least a portion of the received network content. The intercepted portion of the network content is redirected to a proxy, which buffers the redirected portion of network content. The buffered network content is scanned in accordance with a scanning criterion and processed in accordance with the at least one content processing rule based on the result of the scanning. The processed portion of network content may be forwarded using a second interface.
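As an added example (not the patent's or any product's code), a constructed Python model of the pipeline described in the abstract and in claim 1: the protocol of each packet is identified, the packet is redirected to a per-protocol proxy module that buffers the extracted content per flow, content processing rules are selected from a rule store by traffic selectors, and several scanning engines decide the action. The port-to-protocol map, the rule set, the flow-id format and the test signature are all assumptions.

```python
from dataclasses import dataclass
from typing import Callable
# Constructed model of the claimed pipeline; all names and values are assumptions.
PORT_TO_PROTOCOL = {80: "http", 25: "smtp"}   # assumed: protocol identified from port

@dataclass
class Packet:
    flow: str       # flow id "src:port->dst:port"; the traffic selectors match on it
    dport: int
    payload: bytes

@dataclass
class Rule:
    protocol: str
    selector: Callable[[str], bool]   # network traffic selector, evaluated on the flow id
    engine: Callable[[bytes], bool]   # scanning engine; True means the criterion matched
    action: str                       # content processing action, e.g. "block" or "log"

def signature_engine(content: bytes) -> bool:
    return b"CONSTRUCTED-TEST-SIGNATURE" in content   # constructed marker, not a real IoC

RULE_STORE = [   # rule definition store; rules are selected by protocol and selector
    Rule("http", lambda f: f.endswith(":80"), signature_engine, "block"),
    Rule("http", lambda f: f.startswith("10.0.0."), lambda c: len(c) > 48, "log"),
    Rule("smtp", lambda f: True, signature_engine, "block"),
]

class ProxyModule:
    # One proxy per protocol: buffers extracted content per flow, then scans it.
    def __init__(self, protocol: str):
        self.protocol = protocol
        self.buffers: dict[str, bytearray] = {}

    def extract(self, pkt: Packet) -> None:
        self.buffers.setdefault(pkt.flow, bytearray()).extend(pkt.payload)

    def process(self, flow: str) -> list[str]:
        content = bytes(self.buffers.pop(flow, b""))
        rules = [r for r in RULE_STORE if r.protocol == self.protocol and r.selector(flow)]
        return [r.action for r in rules if r.engine(content)]

def receive(packets: list[Packet]) -> dict[str, list[str]]:
    # Device entry point: redirect packets to the proxy for their protocol, then scan.
    proxies = {p: ProxyModule(p) for p in PORT_TO_PROTOCOL.values()}
    for pkt in packets:
        proto = PORT_TO_PROTOCOL.get(pkt.dport)
        if proto is not None:             # unidentified protocols bypass the proxies
            proxies[proto].extract(pkt)
    return {flow: proxy.process(flow)
            for proxy in proxies.values() for flow in list(proxy.buffers)}
```

Each flow's actions come back in rule-store order, so a caller would treat any "block" as overriding "log" before forwarding on the second interface.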
39 Citations
20 Claims
1. A computer-implemented method comprising the steps recited under First Claim above (claim text identical). Dependent claims: 2 to 11.

12. A non-transitory computer-readable storage medium embodying one or more sequences of instructions, which when executed by one or more processors of a network security device, cause the one or more processors to perform a method comprising:
- receiving network traffic at a first interface of the network security device;
- identifying, by the network security device, a first transmission protocol according to which a first subset of packets of the network traffic is formatted;
- redirecting, by the network security device, the first subset of packets to a first proxy module executing on the network security device based on the identified first transmission protocol;
- extracting first network content from the first subset of packets and buffering at least a portion of the first network content by the first proxy module;
- processing, by a plurality of scanning engines implemented within the first proxy module, the buffered portion of the first network content in accordance with a plurality of content processing rules selected from a rule definition store based on a first set of network traffic selectors associated with the first subset of packets;
- identifying, by the network security device, a second transmission protocol, distinct from the first transmission protocol, according to which a second subset of packets of the network traffic is formatted;
- redirecting, by the network security device, the second subset of packets to a second proxy module executing on the network security device based on the identified second transmission protocol;
- extracting second network content from the second subset of packets and buffering at least a portion of the second network content by the second proxy module; and
- processing, by a plurality of scanning engines implemented within the second proxy module, the buffered portion of the second network content in accordance with a plurality of content processing rules selected from the rule definition store based on a second set of network traffic selectors associated with the second subset of packets.
Dependent claims: 13 to 20.
Specification