摘要 |
Methods and systems for content filtering of remote file-system access protocols are provided. According to one embodiment, a proxy, implemented within a network gateway device of a private network, monitors remote file-system access protocol sessions involving client computer systems and a server computer system associated with the private network. For each file on a share of the server computer system being accessed by one or more of the client computer systems: (i) a shared holding buffer corresponding to the file is created within a shared memory of the network gateway device; (ii) data being read from or written to the file by the monitored remote file-system access protocol sessions is buffered into the shared holding buffer; and (iii) responsive to a predetermined event, content filtering is performed on the shared holding buffer to determine whether malicious, dangerous or unauthorized content is contained within the shared holding buffer. |
主权项 |
1. A method comprising:
monitoring, by a proxy implemented within a network gateway device of a private network, remote file-system access protocol sessions involving one or more of a plurality of client computer systems and a server computer system associated with the private network; and for each file of a plurality of files on a share of the server computer system being accessed by one or more of the plurality of client computer systems:
creating, by the proxy, a shared holding buffer corresponding to the file within a shared memory of the network gateway device that is accessible to a plurality of processes running within the network gateway device;buffering, by the proxy, into the shared holding buffer data being read from or written to the file by the monitored remote file-system access protocol sessions; andresponsive to a predetermined event, determining, by the proxy, whether malicious, dangerous or unauthorized content is contained within the shared holding buffer by performing content filtering on the shared holding buffer. |