公开(公告)号：US20140237471A1

公开(公告)日：2014-08-21

申请号：US14018230

申请日：2013-09-04

Applicant: BARRACUDA NETWORKS, INC.

Inventor： LINDSAY SNIDER

IPC: G06F9/455

CPC classification number: G06F9/45558

Abstract: A system enables booting a virtual machine and browsing files from a de-duplicated backup server by initializing a virtual machine process, and setting up NFS services connecting the NFS service to a fake disk. The fake disk is actualized by a backup server and an overlay store. Writing into the fake disk is supported by an overlay store. Reading from the fake disk is supported by file reads from the backup server or from the overlay store.

Abstract translation: 一个系统可以通过初始化一个虚拟机进程来启动一个虚拟机，并从一个去重复的备份服务器上浏览文件，并设置将NFS服务连接到一个假的磁盘上的NFS服务。 假磁盘由备份服务器和覆盖存储实现。 叠加存储器支持写入假磁盘。 从备份服务器或覆盖存储中读取文件支持从假磁盘读取数据。

公开(公告)号：US20150067860A1

公开(公告)日：2015-03-05

申请号：US14013677

申请日：2013-08-29

Applicant: BARRACUDA NETWORKS, INC.

Inventor： ZACHARY LEVOW ,  LINDSAY SNIDER

IPC: H04L29/06

CPC classification number: H04L63/145

Abstract: A store for virus and malware fingerprints is coupled to a backup server apparatus which receives hashes and file shards from backup clients through a network. A circuit compares hashes received from backup clients to determine matches with file shards previously stored and matches with file shards with virus or malware infections. File shards not previously stored are received for backup and inspection by a virus filter. When a received file shard is determined to match a virus or malware fingerprint, a process is initiated to restore the file on the backup client to a clean version and notify the user and the network security administrator. The hashes of file shards determined to match a virus or malware fingerprint are stored for future reference. The data of a file shard which has been determined to be infected is also stored in case of a false-positive determination.

Abstract translation: 用于病毒和恶意软件指纹的商店耦合到备份服务器设备，该备份服务器设备通过网络从备用客户端接收哈希和文件碎片。 电路比较从备份客户端收到的哈希值，以确定与以前存储的文件碎片的匹配，并与具有病毒或恶意软件感染的文件碎片匹配。 接收到以前未存储的文件碎片进行病毒过滤器的备份和检查。 当接收到的文件碎片被确定为匹配病毒或恶意软件指纹时，会启动一个进程，将备份客户端上的文件恢复到干净的版本，并通知用户和网络安全管理员。 确定匹配病毒或恶意软件指纹的文件碎片的哈希存储以备将来参考。 在判断为假阳性的情况下，还存储已被确定为被感染的文件碎片的数据。