公开(公告)号：US20200034252A1

公开(公告)日：2020-01-30

申请号：US16590061

申请日：2019-10-01

Applicant: Commvault Systems, Inc.

Inventor： Amit MITKAR ,  Andrei EROFEEV ,  Amit Bhaskar AUSARKAR ,  Ajay Venkat NAGRALE

IPC: G06F11/14 ,  G06F11/30 ,  G06F11/32 ,  G06F3/06 ,  G06F9/455

Abstract: Recovery points can be used for replicating a virtual machine and reverting the virtual machine to a different state. A filter driver can monitor and capture input/output commands between a virtual machine and a virtual machine disk. The captured input/output commands can be used to create a recovery point. The recovery point can be associated with a bitmap that may be used to identify data blocks that have been modified between two versions of the virtual machine. Using this bitmap, a virtual machine may be reverted or restored to a different state by replacing modified data blocks and without replacing the entire virtual machine disk.

公开(公告)号：US20190108341A1

公开(公告)日：2019-04-11

申请号：US16129623

申请日：2018-09-12

Applicant: Commvault Systems, Inc.

Inventor： PurnaChandra Sekhar BEDHAPUDI ,  Sri Karthik BHAGI ,  Deepak Raghunath ATTARDE ,  Arun Prasad AMARENDRAN ,  Amit Bhaskar AUSARKAR ,  Mrityunjay UPADHYAY

IPC: G06F21/56 ,  G06F16/17 ,  G06F16/174

Abstract: This application relates to ransomware detection and data pruning management. Ransomware typically involves an I/O heavy process of encrypting data files and/or deleting or renaming the original files. Thus, ransomware attacks may be detected by analyzing the I/O activity in a given file system. In some embodiments, a software module running on a client machine manages copying, archiving, migrating, and/or replicating of primary data and restoring and/or pruning secondary data (e.g., backup copies of the primary data). When a potential ransomware attack is detected, the software module is immediately stopped so that the software module does not prune any data that may need to be restored. Upon receiving user input that indicates that the client machine is not under a ransomware attack, the software module is allowed to resume its operations, including pruning of the secondary data.

公开(公告)号：US20230400995A1

公开(公告)日：2023-12-14

申请号：US17852883

申请日：2022-06-29

Applicant: Commvault Systems, Inc.

Inventor： Manojkumar Machindra WAGHMARE ,  Amit Bhaskar AUSARKAR ,  Sunil Kumar GUTTA ,  Vijay H. AGRAWAL

IPC: G06F3/06 ,  G06F9/455

CPC classification number: G06F3/064 ,  G06F9/45558 ,  G06F3/0664 ,  G06F3/0604 ,  G06F3/0679 ,  G06F2009/45583 ,  G06F2009/45575 ,  G06F2009/45595

Abstract: Systems and methods disclosed herein improve on current technology for block-level data replication to cloud computing environments. A new system architecture deploys one or more replication tail proxies in a cloud computing environment, locally (at the cloud) tracks replicated data and determines which replicated data meet criteria for reconstructing a desired point-in-time in the cloud, and persists data blocks received at the replication tail proxy until they are processed as recovery points. The disclosed approach presents resiliency and performance advantages. First, the resiliency of block-level data replication to cloud is improved by deploying the replication tail proxy in the destination cloud. Second, a Recovery Time Objective (RTO) is reduced by enabling faster cloud deployment of virtual machines for disaster recovery, failover, and/or test purposes based on the replicated data.

公开(公告)号：US20180276022A1

公开(公告)日：2018-09-27

申请号：US15923985

申请日：2018-03-16

Applicant: Commvault Systems, Inc.

Inventor： Amit MITKAR ,  Andrei EROFEEV ,  Amit Bhaskar AUSARKAR ,  Ajay Venkat NAGRALE

IPC: G06F9/455 ,  G06F11/14

CPC classification number: G06F9/45558 ,  G06F3/0481 ,  G06F3/0619 ,  G06F3/064 ,  G06F3/0647 ,  G06F3/065 ,  G06F3/0656 ,  G06F3/0664 ,  G06F3/067 ,  G06F11/1469 ,  G06F11/3006 ,  G06F11/3034 ,  G06F11/3055 ,  G06F11/324 ,  G06F2009/45562 ,  G06F2009/45583 ,  G06F2009/45595 ,  G06F2201/815 ,  G06F2201/82 ,  G06F2201/84

Abstract: Recovery points can be used for replicating a virtual machine and reverting the virtual machine to a different state. A filter driver can monitor and capture input/output commands between a virtual machine and a virtual machine disk. The captured input/output commands can be used to create a recovery point. The recovery point can be associated with a bitmap that may be used to identify data blocks that have been modified between two versions of the virtual machine. Using this bitmap, a virtual machine may be reverted or restored to a different state by replacing modified data blocks and without replacing the entire virtual machine disk.

公开(公告)号：US20180275913A1

公开(公告)日：2018-09-27

申请号：US15924004

申请日：2018-03-16

Applicant: Commvault Systems, Inc.

Inventor： Amit MITKAR ,  Andrei EROFEEV ,  Amit Bhaskar AUSARKAR ,  Ajay Venkat NAGRALE

IPC: G06F3/06

Abstract: Recovery points can be used for replicating a virtual machine and reverting the virtual machine to a different state. A filter driver can monitor and capture input/output commands between a virtual machine and a virtual machine disk. The captured input/output commands can be used to create a recovery point. The recovery point can be associated with a bitmap that may be used to identify data blocks that have been modified between two versions of the virtual machine. Using this bitmap, a virtual machine may be reverted or restored to a different state by replacing modified data blocks and without replacing the entire virtual machine disk.

公开(公告)号：US20190109870A1

公开(公告)日：2019-04-11

申请号：US16129644

申请日：2018-09-12

Applicant: Commvault Systems, Inc.

Inventor： PurnaChandra Sekhar BEDHAPUDI ,  Sri Karthik BHAGI ,  Deepak Raghunath ATTARDE ,  Arun Prasad AMARENDRAN ,  Amit Bhaskar AUSARKAR ,  Mrityunjay UPADHYAY

IPC: H04L29/06 ,  G06F16/17

Abstract: This application relates to ransomware detection and intelligent restore. Ransomware typically involves an I/O heavy process of encrypting data files and/or deleting or renaming the original files. Thus, ransomware attacks may be detected by analyzing the I/O activity in a given file system. When a potential ransomware attack is detected, a timestamp is recorded. If the client machine is indeed taken over by the ransomware attack, an intelligent restore operation can be performed such that the file system is automatically restored to a point in time prior to the infection by the ransomware attack using the recorded timestamp.

公开(公告)号：US20190108340A1

公开(公告)日：2019-04-11

申请号：US16129609

申请日：2018-09-12

Applicant: Commvault Systems, Inc.

Inventor： PurnaChandra Sekhar BEDHAPUDI ,  Sri Karthik BHAGI ,  Deepak Raghunath ATTARDE ,  Arun Prasad AMARENDRAN ,  Amit Bhaskar AUSARKAR ,  Mrityunjay UPADHYAY

IPC: G06F21/56 ,  G06F16/17

Abstract: This application relates to ransomware detection. Ransomware typically involves an I/O heavy process of encrypting data files and/or deleting or renaming the original files. Thus, ransomware attacks may be detected by analyzing the I/O activity in a given file system. In some embodiments, a software module running on a client machine monitors the I/O activity in a file system. The software module records the number of times the files in the file system are modified, created, deleted, and renamed. The recorded number is compared against a threshold. If the number exceeds the threshold, the software module provides an alert to the user of the client machine that the client machine may be under a ransomware attack. In some embodiments, index data gathered as part of backup operations is utilized, either alone or in combination with the continuously monitored I/O activity data, to detect ransomware attacks.

公开(公告)号：US20180276085A1

公开(公告)日：2018-09-27

申请号：US15923979

申请日：2018-03-16

Applicant: Commvault Systems, Inc.

Inventor： Amit MITKAR ,  Andrei EROFEEV ,  Amit Bhaskar AUSARKAR ,  Ajay Venkat NAGRALE

IPC: G06F11/14 ,  G06F3/06

CPC classification number: G06F9/45558 ,  G06F3/0481 ,  G06F3/0619 ,  G06F3/064 ,  G06F3/0647 ,  G06F3/065 ,  G06F3/0656 ,  G06F3/0664 ,  G06F3/067 ,  G06F11/1469 ,  G06F11/3006 ,  G06F11/3034 ,  G06F11/3055 ,  G06F11/324 ,  G06F2009/45562 ,  G06F2009/45583 ,  G06F2009/45595 ,  G06F2201/815 ,  G06F2201/82 ,  G06F2201/84

Abstract: Recovery points can be used for replicating a virtual machine and reverting the virtual machine to a different state. A filter driver can monitor and capture input/output commands between a virtual machine and a virtual machine disk. The captured input/output commands can be used to create a recovery point. The recovery point can be associated with a bitmap that may be used to identify data blocks that have been modified between two versions of the virtual machine. Using this bitmap, a virtual machine may be reverted or restored to a different state by replacing modified data blocks and without replacing the entire virtual machine disk.

公开(公告)号：US20250045397A1

公开(公告)日：2025-02-06

申请号：US18800976

申请日：2024-08-12

Applicant: Commvault Systems, Inc.

Inventor： PurnaChandra Sekhar BEDHAPUDI ,  Sri Karthik BHAGI ,  Deepak Raghunath ATTARDE ,  Arun Prasad AMARENDRAN ,  Amit Bhaskar AUSARKAR ,  Mrityunjay UPADHYAY

IPC: G06F21/56 ,  G06F16/17 ,  G06F16/174

Abstract: This application relates to ransomware detection and data pruning management. Ransomware typically involves an I/O heavy process of encrypting data files and/or deleting or renaming the original files. Thus, ransomware attacks may be detected by analyzing the I/O activity in a given file system. In some embodiments, a software module running on a client machine manages copying, archiving, migrating, and/or replicating of primary data and restoring and/or pruning secondary data (e.g., backup copies of the primary data). When a potential ransomware attack is detected, the software module is immediately stopped so that the software module does not prune any data that may need to be restored. Upon receiving user input that indicates that the client machine is not under a ransomware attack, the software module is allowed to resume its operations, including pruning of the secondary data.

公开(公告)号：US20240320108A1

公开(公告)日：2024-09-26

申请号：US18734556

申请日：2024-06-05

Applicant: Commvault Systems, Inc.

Inventor： Amit MITKAR ,  Andrei EROFEEV ,  Amit Bhaskar AUSARKAR ,  Ajay Venkat NAGRALE

IPC: G06F11/14 ,  G06F3/06 ,  G06F9/455 ,  G06F11/30 ,  G06F11/32 ,  G06F16/16 ,  G06F16/17 ,  G06F16/188 ,  G06F16/21

CPC classification number: G06F11/1469 ,  G06F3/0619 ,  G06F3/064 ,  G06F3/065 ,  G06F3/0656 ,  G06F9/45558 ,  G06F11/3006 ,  G06F11/3034 ,  G06F11/324 ,  G06F16/21 ,  G06F2009/45562 ,  G06F2009/45595 ,  G06F16/162 ,  G06F16/164 ,  G06F16/1734 ,  G06F16/188 ,  G06F2201/815 ,  G06F2201/82 ,  G06F2201/84

Abstract: Recovery points can be used for replicating a virtual machine and reverting the virtual machine to a different state. A filter driver can monitor and capture input/output commands between a virtual machine and a virtual machine disk. The captured input/output commands can be used to create a recovery point. The recovery point can be associated with a bitmap that may be used to identify data blocks that have been modified between two versions of the virtual machine. Using this bitmap, a virtual machine may be reverted or restored to a different state by replacing modified data blocks and without replacing the entire virtual machine disk.