Currently, when a network firewall performs security scanning on a file that is downloaded by using the HTTP (Hypertext transfer protocol) protocol, a full proxy technology is generally applied. The whole file is downloaded to the firewall first, and the file is returned to a user that downloads the file, only when it is detected that the file is secure. It is the same as file uploading. The firewall saves a file first, detects the file, and uploads the file to a destination server only after it is detected that the file is secure.
In the prior art, when a network is restricted, it may take a long time to download a file with a large data amount from a server to a firewall. Consequently, a download client receives no data within a long period of time, and therefore, the client may consider a connection broken and then close the connection automatically, which causes a download failure. Similarly, it also takes a long time to upload a file with a large data amount from a client to a file server. As a result, the server usually receives no data within a long period of time, and therefore, the server may close a connection automatically, which causes that file transfer fails.