VIRTUALIZED CACHE ALLOCATION IN A VIRTUALIZED COMPUTING SYSTEM

    Publication number: US20240028361A1

    Publication date: 2024-01-25

    Application number: US17869680

    Application date: 2022-07-20

    Applicant: VMware, Inc.

    Abstract: An example method of virtualized cache allocation for a virtualized computing system includes: providing, by a hypervisor for a virtual machine (VM), a virtual shared cache, the virtual shared cache backed by a physical shared cache of a processor; providing, by the hypervisor to the VM, virtual service classes and virtual service class bit masks; mapping, by the hypervisor, the virtual service classes to physical service classes of the processor; associating, by the hypervisor, a shift factor with the virtual service class bit masks with respect to physical service class bit masks of the processor; and configuring, by the hypervisor, service class registers and service class bit mask registers of the processor based on the mapping and the shift factor in response to configuration of the virtual shared cache by the VM.

    LARGE-SCALE TESTING AND SIMULATION
    Invention publication

    Publication number: US20240028357A1

    Publication date: 2024-01-25

    Application number: US17818795

    Application date: 2022-08-10

    Applicant: VMware, Inc.

    CPC classification number: G06F9/45558 G06F9/45545 G06F9/541

    Abstract: The disclosure provides an approach for simulating a virtual environment. A method includes simulating, using a virtualization simulator, a plurality of hosts; simulating, using the virtualization simulator, a plurality of virtual computing instances (VCIs) associated with the plurality of simulated hosts, based on information obtained from a cluster application programming interface (API) provider; creating, using a virtualization simulator operator, one or more node simulator schedulers; creating, using the one or more node schedulers, a node simulator; simulating, using the node simulator, a plurality of guest operating systems (OSs) associated with the plurality of simulated VCIs; and joining the plurality of simulated guest OSs to one or more node clusters in a data center via an API server.

    Stateful rule generation for behavior based threat detection

    Publication number: US11882134B2

    Publication date: 2024-01-23

    Application number: US17871906

    Application date: 2022-07-23

    Applicant: VMware, Inc.

    Abstract: Improved tools and techniques for generating stateful rules for behavior-based threat detection enable threat analysts, who do not have advanced computer programming skills, to quickly and easily generate high-level representations of stateful behavioral rules, which are then compiled into a format suitable for execution by a stateful rule processing engine. In some examples, the high-level representations of stateful rules are coded in a high-level, domain specific language (DSL). The DSL may provide high-level primitives suitable for (1) expressing sequences of attack behaviors, (2) tagging computational entities (e.g., threads, processes, applications, systems, users, etc.) with states (e.g., user-defined states), and/or (3) performing operations on endpoint nodes (e.g., reporting activity, blocking activity, terminating processes, etc.).

    SCANNING PREVIEW METHOD IN SCANNER REDIRECTION
    Invention publication

    Publication number: US20240022670A1

    Publication date: 2024-01-18

    Application number: US17897780

    Application date: 2022-08-29

    Applicant: VMware, Inc.

    Abstract: A scanning preview method for a remote desktop system that includes a client computing device that has running therein a remote desktop client application including a scanner redirection module, and a host server, the scanner redirection module including a scanner core that is configured to communicate with a physical scanner, includes the steps of: receiving from an application running on the host server, a request for a preview of a scanned image; in response to the request for the preview of the scanned image, transmitting to the scanner core a request to acquire the scanned image from the physical scanner; and upon receiving the scanned image from the scanner core, transmitting the scanned image to the application, and in response thereto, receiving from the application an image of a remote desktop that includes the scanned image.

    TWO TIER DNS
    Invention publication (status: under examination, published)

    Publication number: US20240022598A1

    Publication date: 2024-01-18

    Application number: US18211555

    Application date: 2023-06-19

    Applicant: VMware, Inc.

    CPC classification number: H04L63/1458 H04L61/4511

    Abstract: Some embodiments provide a two-tier DNS (Domain Name System) service for processing DNS requests. In some embodiments, the two-tier DNS service deploys first and second tiers of service machines, with the second-tier having several groups of service machines each of which is configured to resolve DNS requests for a different set of domain names than the other second-tier group(s). Each service machine in the first-tier is configured to identify the second-tier group responsible for each particular DNS request that the service machine receives for each particular domain name, and to forward the particular DNS request to the second-tier group that it identifies for the particular DNS request. The first-tier DNS service in some embodiments has only one group of service machines. Each first or second service machine group in some embodiments can have one or more service machines, and can be scaled up or down to add or remove service machines to the group (e.g., through an active/active layer 3 scaleout with BGP). In some embodiments, two different second-tier service groups can process DNS requests for two or more different FQDNs (fully qualified domain names) that are part of the same domain, and/or for two or more different FQDNs that are part of different domains.

    CONTAINER SECURITY MANAGEABILITY
    Invention publication

    Publication number: US20240022588A1

    Publication date: 2024-01-18

    Application number: US17950234

    Application date: 2022-09-22

    Applicant: VMWARE, INC.

    CPC classification number: H04L63/1433 H04L63/20

    Abstract: Computer-implemented methods, media, and systems for providing container security manageability are disclosed. In one computer-implemented method, a host device connected to a cloud server detects an event of a plurality of events generated by a plurality of containers hosted in the host device. The host device identifies container context data of the event, associates the container context data with the event, and sends the container context data to the cloud server for security analysis. The host device receives, from the cloud server, security rules based on the security analysis and implements the security rules.

    SYSTEM TO TERMINATE MALICIOUS PROCESS IN A DATA CENTER

    Publication number: US20240022579A1

    Publication date: 2024-01-18

    Application number: US17958538

    Application date: 2022-10-03

    Applicant: VMWARE, INC.

    CPC classification number: H04L63/1416 H04L63/145 G06F9/45558 G06F2009/45587

    Abstract: Example methods and systems for malicious process termination are described. In one example, a computer system may detect a first instance of a malicious network activity associated with a first virtualized computing instance. Termination of a first process implemented by the first virtualized computing instance may be triggered, the first instance of the malicious network activity being associated with the first process. The computer system may obtain event information associated with the first process and/or the first instance of the malicious network activity, and trigger termination of a second process implemented by a second virtualized computing instance based on the event information. Examples of the present disclosure may be implemented to leverage the detection of the first instance of the malicious network activity to terminate both the first process and the second process, and to block a second instance of a malicious network activity associated with the second process.

    TWO TIER DNS
    Invention publication (status: under examination, published)

    Publication number: US20240022538A1

    Publication date: 2024-01-18

    Application number: US18211552

    Application date: 2023-06-19

    Applicant: VMware, Inc.

    CPC classification number: H04L61/4511 H04L61/5007

    Abstract: Some embodiments provide a two-tier DNS (Domain Name System) service for processing DNS requests. In some embodiments, the two-tier DNS service deploys first and second tiers of service machines, with the second-tier having several groups of service machines each of which is configured to resolve DNS requests for a different set of domain names than the other second-tier group(s). Each service machine in the first-tier is configured to identify the second-tier group responsible for each particular DNS request that the service machine receives for each particular domain name, and to forward the particular DNS request to the second-tier group that it identifies for the particular DNS request. The first-tier DNS service in some embodiments has only one group of service machines. Each first or second service machine group in some embodiments can have one or more service machines, and can be scaled up or down to add or remove service machines to the group (e.g., through an active/active layer 3 scaleout with BGP). In some embodiments, two different second-tier service groups can process DNS requests for two or more different FQDNs (fully qualified domain names) that are part of the same domain, and/or for two or more different FQDNs that are part of different domains.
