	US 12,407,651 B2
	Inline inspection cybersecurity enforcement of multipart file transmissions
Zihang Xiao, Los Gatos, CA (US); Lexuan Sun, Sunnyvale, CA (US); Mengying Jiang, Campbell, CA (US); and Li Meng, Saratoga, CA (US)
Assigned to Palo Alto Networks, Inc., Santa Clara, CA (US)
Filed by Palo Alto Networks, Inc., Santa Clara, CA (US)
Filed on Feb. 16, 2023, as Appl. No. 18/170,084.
Prior Publication US 2024/0283775 A1, Aug. 22, 2024
Int. Cl. H04L 9/40 (2022.01)

CPC H04L 63/0245 (2013.01)

22 Claims

1. A method comprising:

based on an identification of an application for a first session of multiple sessions for a multipart file transmission of a file, determining a prevent action to prevent completion of the multipart file transmission;

instructing an intermediary network component to allow transmission or stall transmission of a first message in the first session based, at least in part, on the prevent action;

obtaining from the first message a first chunk of a plurality of chunks that constitutes the file and first metadata of the first chunk;

updating a data store to indicate the first chunk and the first metadata;

determining whether a cybersecurity analysis condition is satisfied based on information in the data store corresponding to the file;

based on a determination that the cybersecurity analysis condition is satisfied, supplying the first chunk or the file for cybersecurity analysis; and

communicating to the intermediary network component at least one of a verdict of the cybersecurity analysis and an indication to allow or prevent completion of the multipart file transmission.