Computerized system and method for advanced network content processing

摘要

A computerized system and method for processing network content in accordance with at least one content processing rule. In accordance with the inventive method, the network content is received at a first interface. The inventive system identifies a transmission protocol information of the received network content and uses the identified transmission protocol information to intercept at least a portion of the received network content formatted in accordance with a transmission protocol. The intercepted portion of the network content is redirected to a proxy, which buffers the redirected portion of network content. The buffered network content is scanned in accordance with a scanning criterion and processed in accordance with the at least one content processing rule based on the result of the scanning. The processed portion of network content may be forwarded using the second interface.

主权项

1. A computer-implemented method comprising:
receiving a plurality of packets at a first interface of a multi-purpose network protection firewall device including one or more processors and a memory; identifying a first transmission protocol according to which network content distributed among a first subset of packets of the plurality of packets is formatted; using information regarding the identified first transmission protocol to redirect the first subset of packets to a first proxy module integrated within the multi-purpose protection firewall device; extracting the network content from the first subset of packets and buffering at least a portion of the network content by the first proxy module; processing, by the first proxy module, the buffered portion of the network content in accordance with at least one content processing rule selected from a plurality of content processing rules based on the identified first transmission protocol, wherein the plurality of content processing rules includes one or more content filtering rules; identifying a second transmission protocol distinct from the first transmission protocol according to which network content distributed among a second subset of packets of the plurality of packets is formatted; and using information regarding the identified second transmission protocol to redirect the second subset of packets to a second proxy module integrated within the multi-purpose protection firewall device, wherein the first and second proxy modules are implemented at least in part by the one or more processors and the memory, the memory having instructions tangibly embodied therein representing at least a portion of the first and second proxy modules that are executable by the one or more processors.