Abstract: Some embodiments provide a method of preventing network spread of malware files. At an edge device that provides a connection between a datacenter and an external network, the method receives, from the external network, a file that is destined to a particular machine executing in the datacenter. The method determines whether the file is a known file that has been previously assessed to contain malware. Based on a determination that the file is an unknown file, the method performs an analysis on the file to determine whether the file contains malware. The file cannot be opened by any machines during the analysis. When the file is determined to be a file that does not contain malware, the method allows the file to be downloaded to the particular machine.

Abstract: Some embodiments provide a method of preventing network spread of malware files. At a host computer executing in a datacenter, the method receives a request from a particular compute machine executing on the host computer to open a file that was downloaded to the host computer for the particular machine. The method determines whether the file is a known file that has been previously assessed to contain malware. Based on a determination that the file is unknown, the method allows the particular compute machine to open the file while also (i) creating a record to identify the file as a file that is currently being analyzed to assess whether the file contains malware, and (ii) distributing the record to other host computers in the datacenter to ensure that the file cannot be opened on the other host computers until it has been analyzed to confirm that the file does not contain malware.

Abstract: Some embodiments provide a method of preventing network spread of malware files. At a first host computer, the method detects an attempt to establish a file-transfer connection between a first compute machine executing on the first host computer and a second compute machine executing on a second host computer, the file transfer connection for transferring a particular file stored by the first compute machine. The method delays establishment of the file-transfer connection in order to perform an analysis of the particular file to determine whether the particular file contains malware. When the file is determined to contain malware, the method prevents the file-transfer connection from being established between the first and the second compute machines to prevent the file from being transferred.

Abstract: Techniques for booting from an encrypted hard disk are disclosed. In one particular embodiment, the techniques may be realized as a method for booting from an encrypted virtual hard disk comprising booting a computing device from an encrypted virtual hard disk in a booting environment and authenticating an encryption password associated with the encrypted virtual hard disk. The method may comprise decrypting, via at least one computer processor, the encrypted virtual hard disk using the encryption password based at least in part on an authentication of the encryption password.

Abstract: A method and apparatus for processing transactional file system operations to enable point in time consistent file data recreation and recovery from transactional file systems is described. In one embodiment, the method includes processing input/output activity associated with file data that is used in a computing environment to identify at least one transaction and segregating the input/output activity based upon the at least one transaction to enable point in time consistent data recreation for the file data.