Dynamically providing keys to host for flow aggregation

    Publication (announcement) number: US11288256B2

    Publication (announcement) date: 2022-03-29

    Application number: US16520232

    Filing date: 2019-07-23

    Applicant: VMware, Inc.

    Abstract: Some embodiments provide a novel method for collecting and reporting attributes of data flows associated with machines executing on a plurality of host computers to an analysis appliance. The analysis appliance, in some embodiments, receives definitions of keys and provides them to the host computers. In some embodiments, existing keys are modified based on the analysis. Additionally, or alternatively, new keys are provided based on the analysis. In some embodiments, the analysis appliance receives the flow group records (e.g., sets of attributes) based on the keys and the configuration data from each host computer.

    OFFLOADING ANOMALY DETECTION FROM SERVER TO HOST

    Publication (announcement) number: US20210026720A1

    Publication (announcement) date: 2021-01-28

    Application number: US16520233

    Filing date: 2019-07-23

    Applicant: VMware, Inc.

    Abstract: Some embodiments provide a novel method for collecting and analyzing attributes of data flows associated with machines executing on a plurality of host computers to detect anomalous behavior. In some embodiments, an anomalous behavior is detected for at least one particular flow associated with at least one machine executing on the host computer. In some embodiments, anomaly detection is based on the context data from the guest introspection agent and deep packet inspection. An identifier of the detected anomalous behavior is stored, in some embodiments. The stored attributes are provided, in some embodiments, to a server for further analysis.

    PROVIDING STATEFUL SERVICES IN A SCALABLE MANNER FOR MACHINES EXECUTING ON HOST COMPUTERS

    Publication (announcement) number: US20230359478A1

    Publication (announcement) date: 2023-11-09

    Application number: US18219217

    Filing date: 2023-07-07

    Applicant: VMware, Inc.

    Abstract: Some embodiments provide a method for performing services on a host computer that executes several machines in a datacenter. The method configures a first set of one or more service containers for a first machine executing on the host computer, and a second set of one or more service containers for a second machine executing on the host computer. Each configured service container performs a service operation (e.g., a middlebox service operation, such as firewall, load balancing, encryption, etc.) on data messages associated with a particular machine (e.g., on ingress and/or egress data messages to and/or from the particular machine). For each particular machine, the method also configures a module along the particular machine's datapath to identify a subset of service operations to perform on a set of data messages associated with the particular machine, and to direct the set of data messages to a set of service containers configured for the particular machine to perform the identified set of service operations on the set of data messages. In some embodiments, the first and second machines are part of one logical network or one virtual private cloud that is deployed over a common physical network in the datacenter.

    Methods and systems that generate and use microsegmentation quotients for security monitoring of distributed-computer-system components

    Publication (announcement) number: US11601458B2

    Publication (announcement) date: 2023-03-07

    Application number: US17062600

    Filing date: 2020-10-04

    Applicant: VMware, Inc.

    Abstract: The current document is directed to methods and systems that generate microsegmentation quotients for computational entities and components of a distributed computer system. In the described implementation, microsegmentation quotients are generated for each component, subsystem, or computational entity, collectively referred to as “system entities,” of a set of specified system-entity types within the distributed computer system. Microsegmentation quotients are generated for system entities at any of the various hierarchical levels within a distributed computer system, including for the entire distributed computer system. Microsegmentation quotients are generated by an iterative process that refines initial estimates of the microsegmentation quotients for system entities within the distributed computer system. Microsegmentation quotients are displayed, through system-management interfaces, to administration and management personnel and provided to automated administration-and-management-system tools and facilities in order to facilitate analysis and monitoring of distributed-computer-system security as well as to facilitate rapid and accurate detection and amelioration of security-related deficiencies and problems.

    METHODS AND SYSTEMS THAT GENERATE AND USE MICRO-SEGEMENTATION QUOTIENTS FOR SECURITY MONITORING OF DISTRIBUTED-COMPUTER-SYSTEM COMPONENTS

    Publication (announcement) number: US20220109684A1

    Publication (announcement) date: 2022-04-07

    Application number: US17062600

    Filing date: 2020-10-04

    Applicant: VMware, Inc.

    Abstract: The current document is directed to methods and systems that generate microsegmentation quotients for computational entities and components of a distributed computer system. In the described implementation, microsegmentation quotients are generated for each component, subsystem, or computational entity, collectively referred to as “system entities,” of a set of specified system-entity types within the distributed computer system. Microsegmentation quotients are generated for system entities at any of the various hierarchical levels within a distributed computer system, including for the entire distributed computer system. Microsegmentation quotients are generated by an iterative process that refines initial estimates of the microsegmentation quotients for system entities within the distributed computer system. Microsegmentation quotients are displayed, through system-management interfaces, to administration and management personnel and provided to automated administration-and-management-system tools and facilities in order to facilitate analysis and monitoring of distributed-computer-system security as well as to facilitate rapid and accurate detection and amelioration of security-related deficiencies and problems.

    HOST-BASED FLOW AGGREGATION
    Invention application

    Publication (announcement) number: US20210029050A1

    Publication (announcement) date: 2021-01-28

    Application number: US16520220

    Filing date: 2019-07-23

    Applicant: VMware, Inc.

    Abstract: Some embodiments provide a novel method for collecting and reporting attributes of data flows associated with machines executing on a plurality of host computers to an analysis appliance. Each host computer, in some embodiments, is responsible for collecting and reporting attributes of data flows associated with machines executing on that host computer. In some embodiments, the host computer includes a flow exporter that processes and publishes flow data to the analysis appliance, a set of agents for collecting context data relating to the flows from machines executing on the host, a set of additional modules that provide additional context data, an anomaly detection engine that analyzes flow data and context data and provides additional context data, and a context exporter for processing and publishing context data to the analysis appliance.
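    The host-side flow aggregation described in this abstract and in "Dynamically providing keys to host for flow aggregation" above can be illustrated with a small model. The following is an added example, not code from the patents or from VMware: the flow records, the attribute names (vm, dst_ip, dst_port, bytes, pkts) and the key-definition format ({"name", "attrs"}) are all assumed for illustration. It shows a host aggregating per-flow records into flow group records under a key definition, publishing them, and then re-keying after the analysis appliance replaces the key with a coarser one.

```python
from collections import defaultdict

# Constructed sample of per-flow records, as a host's flow exporter might
# collect them for the machines on that host. Field names are hypothetical.
SAMPLE_FLOWS = [
    {"vm": "web-1", "src_ip": "10.0.0.5", "dst_ip": "10.0.1.9", "dst_port": 443, "proto": "tcp", "bytes": 1200, "pkts": 10},
    {"vm": "web-1", "src_ip": "10.0.0.5", "dst_ip": "10.0.1.9", "dst_port": 443, "proto": "tcp", "bytes": 800, "pkts": 6},
    {"vm": "web-2", "src_ip": "10.0.0.6", "dst_ip": "10.0.1.9", "dst_port": 443, "proto": "tcp", "bytes": 300, "pkts": 3},
    {"vm": "web-1", "src_ip": "10.0.0.5", "dst_ip": "10.0.2.4", "dst_port": 53, "proto": "udp", "bytes": 90, "pkts": 1},
]

# Key definitions as an analysis appliance might push them to the host: a name
# plus the ordered list of flow attributes whose values identify a flow group.
# Format assumed for this example.
INITIAL_KEY = {"name": "by_vm_and_service", "attrs": ["vm", "dst_ip", "dst_port"]}
COARSER_KEY = {"name": "by_service", "attrs": ["dst_ip", "dst_port"]}


class HostFlowAggregator:
    """Groups flow records into flow group records under the key definition
    currently in force, which the appliance may replace at any time."""

    def __init__(self, key):
        self.key = None
        self.groups = {}
        self.set_key(key)

    def set_key(self, key):
        # A changed key redefines what a group is, so partially built groups
        # under the old key are discarded rather than merged with new ones.
        self.key = dict(key)
        self.groups = defaultdict(lambda: {"bytes": 0, "pkts": 0, "flows": 0})

    def add(self, flow):
        group_id = tuple(flow[attr] for attr in self.key["attrs"])
        g = self.groups[group_id]
        g["bytes"] += flow["bytes"]
        g["pkts"] += flow["pkts"]
        g["flows"] += 1

    def publish(self):
        """Flow group records for the appliance: key name, key attribute
        values and totals. Groups are cleared afterwards, as at the end of
        a reporting interval."""
        records = []
        for group_id in sorted(self.groups):
            rec = {"key": self.key["name"]}
            rec.update(zip(self.key["attrs"], group_id))
            rec.update(self.groups[group_id])
            records.append(rec)
        self.groups.clear()
        return records


def aggregate(flows, key):
    """Aggregate one batch of flows under a single key definition."""
    agg = HostFlowAggregator(key)
    for f in flows:
        agg.add(f)
    return agg.publish()


if __name__ == "__main__":
    agg = HostFlowAggregator(INITIAL_KEY)
    for f in SAMPLE_FLOWS:
        agg.add(f)
    for rec in agg.publish():
        print(rec)
    # The appliance decides the per-VM split is no longer needed and sends a
    # coarser key; the host re-keys and the next interval is grouped by service.
    agg.set_key(COARSER_KEY)
    for f in SAMPLE_FLOWS:
        agg.add(f)
    for rec in agg.publish():
        print(rec)
```

Note that a key change is applied at a reporting boundary: groups built under the old key are dropped rather than carried over, so no published record mixes two key definitions. A real exporter would flush (publish) before re-keying so the discarded interval is not lost.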

    Providing stateful services in a scalable manner for machines executing on host computers

    Publication (announcement) number: US11611625B2

    Publication (announcement) date: 2023-03-21

    Application number: US17122153

    Filing date: 2020-12-15

    Applicant: VMware, Inc.

    Abstract: Some embodiments provide a method for performing services on a host computer that executes several machines in a datacenter. The method configures a first set of one or more service containers for a first machine executing on the host computer, and a second set of one or more service containers for a second machine executing on the host computer. Each configured service container performs a service operation on data messages associated with a particular machine. For each particular machine, the method also configures a module along the particular machine's datapath to identify a subset of service operations to perform on a set of data messages associated with the particular machine, and to direct the set of data messages to a set of service containers configured for the particular machine to perform the identified set of service operations on the set of data messages.
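    The datapath module described in this abstract and in the earlier "PROVIDING STATEFUL SERVICES IN A SCALABLE MANNER" entry selects a subset of service operations per data message and hands the message to the containers configured for that particular machine. The following is an added example modelling that dispatch, not code from the patents or from VMware: the configuration format, the container names, the rule fields (direction, proto, dst_port) and the three toy service implementations are all assumed. Each machine gets its own container instances, and a message passes through only the services its matching rule names, stopping early if a container drops it.

```python
# Constructed per-machine service configuration, as a host might receive it
# from a management plane. Every name and field here is hypothetical.
SERVICE_CONFIG = {
    "web-1": {
        "containers": {"firewall": "fw-web-1", "load_balancer": "lb-web-1", "encryption": "enc-web-1"},
        "rules": [
            {"direction": "ingress", "proto": "tcp", "dst_port": 443, "services": ["firewall", "load_balancer"]},
            {"direction": "egress", "proto": "tcp", "dst_port": 3306, "services": ["firewall", "encryption"]},
            {"direction": "egress", "services": ["firewall"]},  # default for other egress
        ],
    },
    "db-1": {
        "containers": {"firewall": "fw-db-1"},
        "rules": [{"direction": "ingress", "services": ["firewall"]}],
    },
}

# Toy service operations. Each takes a message dict and returns the
# (possibly rewritten) message, or None to drop it.
BLOCKED_SOURCES = {"198.51.100.7"}
LB_POOL = {"10.0.1.9": ["10.0.1.21", "10.0.1.22"]}


def firewall(msg):
    return None if msg["src_ip"] in BLOCKED_SOURCES else msg


def load_balancer(msg):
    pool = LB_POOL.get(msg["dst_ip"])
    if not pool:
        return msg
    # Deterministic member choice on the last octet of the source address.
    member = pool[int(msg["src_ip"].rsplit(".", 1)[1]) % len(pool)]
    return dict(msg, dst_ip=member)


def encryption(msg):
    return dict(msg, encrypted=True)


SERVICE_IMPL = {"firewall": firewall, "load_balancer": load_balancer, "encryption": encryption}


class DatapathModule:
    """Module on one machine's datapath: picks the services for a message and
    directs it through that machine's own service containers."""

    def __init__(self, machine, config):
        self.machine = machine
        self.cfg = config[machine]
        # Instantiate this machine's containers: container name -> handler.
        self.containers = {cname: SERVICE_IMPL[svc] for svc, cname in self.cfg["containers"].items()}

    def select_services(self, msg):
        """First matching rule wins; absent rule fields match anything."""
        for rule in self.cfg["rules"]:
            if rule["direction"] != msg["direction"]:
                continue
            if "proto" in rule and rule["proto"] != msg["proto"]:
                continue
            if "dst_port" in rule and rule["dst_port"] != msg["dst_port"]:
                continue
            return list(rule["services"])
        return []

    def process(self, msg):
        """Returns (verdict, container path taken, resulting message or None)."""
        path = []
        for svc in self.select_services(msg):
            cname = self.cfg["containers"][svc]
            path.append(cname)
            msg = self.containers[cname](msg)
            if msg is None:
                return "dropped", path, None
        return "forwarded", path, msg


if __name__ == "__main__":
    web = DatapathModule("web-1", SERVICE_CONFIG)
    print(web.process({"direction": "ingress", "proto": "tcp", "src_ip": "203.0.113.5",
                       "dst_ip": "10.0.1.9", "dst_port": 443}))
    print(web.process({"direction": "ingress", "proto": "tcp", "src_ip": "198.51.100.7",
                       "dst_ip": "10.0.1.9", "dst_port": 443}))
```

The point of the per-machine container sets is isolation: web-1's firewall and db-1's firewall are separate instances with separate configuration, so a rule or state change for one machine cannot affect another's datapath even though both run on the same host.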

    Offloading anomaly detection from server to host

    Publication (announcement) number: US11436075B2

    Publication (announcement) date: 2022-09-06

    Application number: US16520233

    Filing date: 2019-07-23

    Applicant: VMware, Inc.

    Abstract: Some embodiments provide a novel method for collecting and analyzing attributes of data flows associated with machines executing on a plurality of host computers to detect anomalous behavior. In some embodiments, an anomalous behavior is detected for at least one particular flow associated with at least one machine executing on the host computer. In some embodiments, anomaly detection is based on the context data from the guest introspection agent and deep packet inspection. An identifier of the detected anomalous behavior is stored, in some embodiments. The stored attributes are provided, in some embodiments, to a server for further analysis.
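    The host-side detection in this abstract and in the earlier "OFFLOADING ANOMALY DETECTION FROM SERVER TO HOST" entry combines flow attributes with context from a guest introspection agent and with deep packet inspection, stores an identifier for each detected anomaly, and ships the stored attributes to a server later. The following is an added example of that pattern, not code from the patents or from VMware. The flow records, the context fields (process, user), the DPI application labels, the expected-application table and the two anomaly identifiers are all assumed for illustration; real detection logic would be considerably richer.

```python
# Constructed flow records already joined with guest-introspection context
# (process, user) and a DPI-identified application. Field names hypothetical.
LEARNING_FLOWS = [
    {"vm": "web-1", "process": "nginx", "user": "www-data", "dst_ip": "10.0.3.8", "dst_port": 3306, "proto": "tcp", "dpi_app": "mysql"},
    {"vm": "web-1", "process": "nginx", "user": "www-data", "dst_ip": "10.0.2.4", "dst_port": 53, "proto": "udp", "dpi_app": "dns"},
]
NEW_FLOWS = [
    {"vm": "web-1", "process": "nginx", "user": "www-data", "dst_ip": "10.0.3.8", "dst_port": 3306, "proto": "tcp", "dpi_app": "mysql"},
    {"vm": "web-1", "process": "nginx", "user": "www-data", "dst_ip": "10.0.1.9", "dst_port": 443, "proto": "tcp", "dpi_app": "tls"},
    {"vm": "web-1", "process": "bash", "user": "www-data", "dst_ip": "203.0.113.9", "dst_port": 443, "proto": "tcp", "dpi_app": "ssh"},
]

# Application a DPI engine is expected to identify on well-known ports.
# Assumed table for this example.
EXPECTED_APP = {22: "ssh", 53: "dns", 443: "tls", 3306: "mysql"}


class HostAnomalyDetector:
    """Runs on the host: learns which (vm, process, user, port) combinations
    are normal, flags deviations and DPI/port mismatches, and keeps the
    flagged records locally until a server asks for them."""

    def __init__(self):
        self.baseline = set()
        self.stored = []

    @staticmethod
    def _ctx_key(flow):
        return (flow["vm"], flow["process"], flow["user"], flow["dst_port"])

    def learn(self, flow):
        """Treat a flow as known-good and add its context to the baseline."""
        self.baseline.add(self._ctx_key(flow))

    def inspect(self, flow):
        """Return the anomaly identifiers for one flow; store the record if any."""
        ids = []
        # Context-based check: has this process/user on this VM talked to this port before?
        if self._ctx_key(flow) not in self.baseline:
            ids.append("new_process_port")
        # DPI-based check: does the identified application match the port's usual one?
        expected = EXPECTED_APP.get(flow["dst_port"])
        if expected is not None and flow["dpi_app"] != expected:
            ids.append("dpi_port_mismatch")
        if ids:
            self.stored.append(dict(flow, anomaly_ids=ids))
        return ids

    def export(self):
        """Hand the stored records to the server for further analysis and clear them."""
        batch, self.stored = self.stored, []
        return batch


def run_detection(learning, new):
    det = HostAnomalyDetector()
    for f in learning:
        det.learn(f)
    verdicts = [det.inspect(f) for f in new]
    return verdicts, det.export()


if __name__ == "__main__":
    verdicts, batch = run_detection(LEARNING_FLOWS, NEW_FLOWS)
    for f, v in zip(NEW_FLOWS, verdicts):
        print(f["process"], f["dst_port"], f["dpi_app"], "->", v or "ok")
    print("records sent to server:", len(batch))
```

Only flows that triggered at least one identifier are stored and exported, which is the bandwidth saving the offload buys: the server sees the flagged records with their context attached rather than every flow from every host.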

    DISTRIBUTED INLINE PROXY
    Invention application

    Publication (announcement) number: US20200177691A1

    Publication (announcement) date: 2020-06-04

    Application number: US16207031

    Filing date: 2018-11-30

    Applicant: VMware, Inc.

    Abstract: In some embodiments, a first proxy is instantiated on the first computing device and receives packets that are intercepted by a hypervisor. The packets are sent between a workload and another device, and the proxy maintains a first session between the proxy and the other device and a second session between the proxy and the workload. State information is extracted at the first proxy for the packets sent in the first session or the second session, and the state information is stored. The first computing device migrates the workload to a second computing device. When the workload is migrated to the second computing device, the state information for the workload is migrated to a second proxy that is instantiated on the second computing device. The second proxy then resumes the first session with the other device and the second session with the workload using the state information.
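    The migration described in this abstract can be modelled with two sessions per proxy and a state record that moves with the workload. The following is an added example, not code from the patent or from VMware: the session state (per-leg byte counters), the JSON state format, and the host, workload and peer names are assumed. It shows a proxy on one host relaying intercepted packets between the remote device and the workload, its state being extracted, and a second proxy on another host resuming both sessions from that state so the counters continue rather than restart.

```python
import json


class Session:
    """One leg of the proxied connection. The counters stand in for the
    per-session state (sequence numbers, buffered bytes) a real proxy must
    carry across migration so the peer sees an uninterrupted stream."""

    def __init__(self, peer, tx=0, rx=0):
        self.peer, self.tx, self.rx = peer, tx, rx

    def send(self, payload):
        self.tx += len(payload)

    def receive(self, payload):
        self.rx += len(payload)

    def to_dict(self):
        return {"peer": self.peer, "tx": self.tx, "rx": self.rx}


class InlineProxy:
    """Proxy instantiated on one host for one workload. 'outer' is the
    session with the other device, 'inner' the session with the workload."""

    def __init__(self, host, workload, remote, outer=None, inner=None):
        self.host = host
        self.workload = workload
        self.outer = outer or Session(remote)
        self.inner = inner or Session(workload)

    def on_packet(self, src, payload):
        """A hypervisor-intercepted packet is terminated on the session it
        arrived on and relayed on the other."""
        if src == self.outer.peer:
            self.outer.receive(payload)
            self.inner.send(payload)
        elif src == self.workload:
            self.inner.receive(payload)
            self.outer.send(payload)
        else:
            raise ValueError("packet does not belong to this workload's sessions")

    def extract_state(self):
        """Serialise both sessions' state for migration alongside the workload."""
        return json.dumps({"workload": self.workload,
                           "outer": self.outer.to_dict(),
                           "inner": self.inner.to_dict()})

    @classmethod
    def resume(cls, host, state_json, workload):
        """Instantiate a proxy on the destination host from migrated state.
        The state is checked against the workload being migrated so a
        record for a different workload cannot be attached by mistake."""
        s = json.loads(state_json)
        if s["workload"] != workload:
            raise ValueError("state belongs to workload %r, not %r" % (s["workload"], workload))
        return cls(host, workload, s["outer"]["peer"],
                   outer=Session(**s["outer"]), inner=Session(**s["inner"]))


def migrate(proxy, dst_host):
    """Move a workload's proxy state to dst_host and return the resumed proxy."""
    return InlineProxy.resume(dst_host, proxy.extract_state(), proxy.workload)


def demo():
    # Constructed exchange: the remote device sends a request, the workload
    # answers, the workload migrates, and the remote device keeps talking.
    a = InlineProxy("host-a", "vm-web", "203.0.113.9")
    a.on_packet("203.0.113.9", b"GET /")      # 5 bytes in from remote
    a.on_packet("vm-web", b"200 OK")           # 6 bytes in from workload
    b = migrate(a, "host-b")
    b.on_packet("203.0.113.9", b"more")        # 4 more bytes after migration
    return b


if __name__ == "__main__":
    b = demo()
    print(b.host, b.outer.to_dict(), b.inner.to_dict())
```

Because both legs are migrated together, the other device never sees the proxy's session reset: the second proxy picks up exactly where the first left off, which is what makes the proxy transparent across a live migration.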
