-
公开(公告)号:US20230229770A1
公开(公告)日:2023-07-20
申请号:US17966808
申请日:2022-10-15
申请人: VMware, Inc.
CPC分类号: G06F21/565 , G06F21/53 , G06F2221/033
摘要: Some embodiments provide a method of preventing network spread of malware files. At an edge device that provides a connection between a datacenter and an external network, the method receives, from the external network, a file that is destined to a particular machine executing in the datacenter. The method determines whether the file is a known file that has been previously assessed to contain malware. Based on a determination that the file is an unknown file, the method performs an analysis on the file to determine whether the file contains malware. The file cannot be opened by any machines during the analysis. When the file is determined to be a file that does not contain malware, the method allows the file to be downloaded to the particular machine.
-
公开(公告)号:US20230229771A1
公开(公告)日:2023-07-20
申请号:US17966822
申请日:2022-10-15
申请人: VMware, Inc.
CPC分类号: G06F21/565 , G06F21/53 , G06F2221/033
摘要: Some embodiments provide a method of preventing network spread of malware files. At a host computer executing in a datacenter, the method receives a request from a particular compute machine executing on the host computer to open a file that was downloaded to the host computer for the particular machine. The method determines whether the file is a known file that has been previously assessed to contain malware. Based on a determination that the file is unknown, the method allows the particular compute machine to open the file while also (i) creating a record to identify the file as a file that is currently being analyzed to assess whether the file contains malware, and (ii) distributing the record to other host computers in the datacenter to ensure that the file cannot be opened on the other host computers until it has been analyzed to confirm that the file does not contain malware.
-
公开(公告)号:US20230229769A1
公开(公告)日:2023-07-20
申请号:US17966807
申请日:2022-10-15
申请人: VMware, Inc.
CPC分类号: G06F21/565 , G06F21/53 , G06F2221/033
摘要: Some embodiments provide a method of preventing network spread of malware files. At a first host computer, the method detects an attempt to establish a file-transfer connection between a first compute machine executing on the first host computer and a second compute machine executing on a second host computer, the file transfer connection for transferring a particular file stored by the first compute machine. The method delays establishment of the file-transfer connection in order to perform an analysis of the particular file to determine whether the particular file contains malware. When the file is determined to contain malware, the method prevents the file-transfer connection from being established between the first and the second compute machines to prevent the file from being transferred.
-
-