公开(公告)号：US20090228651A1

公开(公告)日：2009-09-10

申请号：US12364416

申请日：2009-02-02

Applicant: Samar Sharma ,  Silvano Gai ,  Dinesh Dutt ,  Sanjaya Kumar ,  Umesh Mahajan

Inventor： Samar Sharma ,  Silvano Gai ,  Dinesh Dutt ,  Sanjaya Kumar ,  Umesh Mahajan

IPC: G06F12/00 ,  G06F3/00 ,  G06F12/16

CPC classification number: G06F11/2069 ,  G06F11/2064 ,  G06F11/2082 ,  G06F11/2087 ,  G06F2201/84

Abstract: A technique is provided for implementing online mirroring of a volume in a storage area network. A first instance of the volume is instantiated at a first port of the fibre channel fabric for enabling I/O operations to be performed at the volume. One or more mirroring procedures may be performed at the volume. In at least one implementation, the first port is able to perform first I/O operations at the volume concurrently while the mirroring procedures are being performed at the first volume. In one implementation, the mirroring procedures may be implemented at a fabric switch of the storage area network. Additionally, in at least one implementation, multiple hosts may be provided with concurrent access to the volume during the mirroring operations without serializing the access to the volume.

Abstract translation: 提供了一种用于实现存储区域网络中的卷的在线镜像的技术。 该卷的第一个实例在光纤通道结构的第一个端口处被实例化，以便在卷上执行I / O操作。 可以在体积上执行一个或多个镜像过程。 在至少一个实现中，第一个端口能够在第一个卷执行镜像过程时同时执行卷上的第一个I / O操作。 在一个实现中，可以在存储区域网络的结构交换机处实现镜像过程。 此外，在至少一个实现中，可以在镜像操作期间向多个主机提供对卷的并发访问，而不对序列化对卷的访问。

公开(公告)号：US07558775B1

公开(公告)日：2009-07-07

申请号：US10165590

申请日：2002-06-08

Applicant: Rina Panigrahy ,  Samar Sharma

Inventor： Rina Panigrahy ,  Samar Sharma

IPC: G06F7/00 ,  G06F17/30

CPC classification number: H04L45/00 ,  H04L45/7457 ,  Y10S707/99931 ,  Y10S707/99936

Abstract: Sets of ranges typically are maintained using an associative memory and may be used to identify a matching range based on a query point or query range and to maintain sorted elements for use, such as in providing priority queue operations. In one implementation, ranges are added to a set of ranges by determining a longest common prefix of a starting point and an ending point of the range, extending this longest common prefix by appending a bit to create a particular extended longest common prefix, and then storing it in the set of extended longest common prefixes. The set of extended longest common prefixes is then processed based on the query point or range to identify the matching range. Additionally, one implementation uses bands for identifying ranges, where the band is formed from the starting and ending points to the longest common matching prefix of the these points.

Abstract translation: 范围集合通常使用关联存储器来维护，并且可以用于基于查询点或查询范围来识别匹配范围，并且维护排序的元素以供使用，诸如在提供优先级队列操作中。 在一个实现中，通过确定起始点和该范围的终点的最长公共前缀，将范围添加到一组范围，通过追加一位来创建特定的扩展最长公共前缀来扩展该最长公共前缀，然后 将其存储在扩展的最长公共前缀集中。 然后根据查询点或范围处理扩展最长公共前缀集，以识别匹配范围。 另外，一个实施方案使用用于识别范围的频带，其中频带从这些点的起始点和终点到最长公共匹配前缀形成。

公开(公告)号：US20090172816A1

公开(公告)日：2009-07-02

申请号：US11967731

申请日：2007-12-31

Applicant: FABIO R. MAINO ,  DINESH G. DUTT ,  SAMAR SHARMA ,  ARINDAM PAUL

Inventor： FABIO R. MAINO ,  DINESH G. DUTT ,  SAMAR SHARMA ,  ARINDAM PAUL

IPC: G06F21/00

CPC classification number: G06F21/564 ,  G06F21/566 ,  G06F2221/2151

Abstract: Embodiments of the invention improve the detection of malicious software applications, such as a rootkit, on hosts configured to access storage volumes over a storage area network (SAN). A rootkit detection program running on a switch may be configured to detect rootkits present on the storage volumes of the SAN. Because the switch may mount and access storage volumes independently from the (possibly comprised) hosts, the rootkit is not able to conceal itself from the rootkit detection program running on the switch.

Abstract translation: 本发明的实施例改进了被配置为通过存储区域网络（SAN）访问存储卷的主机上的恶意软件应用程序（例如rootkit）的检测。 可以将在交换机上运行的rootkit检测程序配置为检测存储在SAN存储卷上的rootkit。 因为交换机可以独立于（可能包含的）主机安装和访问存储卷，所以rootkit不能将自己隐藏在交换机上运行的rootkit检测程序中。

公开(公告)号：US07437507B2

公开(公告)日：2008-10-14

申请号：US11146457

申请日：2005-06-06

Applicant: Samar Sharma ,  Dinesh Dutt ,  Sanjaya Kumar ,  Umesh Mahajan ,  Thomas J. Edsall

Inventor： Samar Sharma ,  Dinesh Dutt ,  Sanjaya Kumar ,  Umesh Mahajan ,  Thomas J. Edsall

IPC: G06F12/00

CPC classification number: G06F3/0632 ,  G06F3/0617 ,  G06F3/067

Abstract: A technique is provided for implementing online restriping of a volume in a storage area network. A first instance of the volume is instantiated at a first port of the fibre channel fabric for enabling I/O operations to be performed at the volume. While restriping operations are being performed at the volume, the first port is able to concurrently perform I/O operations at the volume.

Abstract translation: 提供了一种用于实现存储区域网络中的卷的在线重新排列的技术。 该卷的第一个实例在光纤通道结构的第一个端口处被实例化，以便在卷上执行I / O操作。 当卷上执行重新启动操作时，第一个端口能够同时在卷上执行I / O操作。

公开(公告)号：US20080028167A1

公开(公告)日：2008-01-31

申请号：US11494036

申请日：2006-07-26

Applicant: Samar Sharma ,  Dinesh G. Dutt ,  Fabio R. Maino ,  Sanjaya Kumar

Inventor： Samar Sharma ,  Dinesh G. Dutt ,  Fabio R. Maino ,  Sanjaya Kumar

IPC: G06F12/00

CPC classification number: G06F11/2082 ,  H04L67/1097

Abstract: Methods and apparatus for performing MUD logging for a volume in a system implementing network-based virtualization are disclosed. This is accomplished by enabling two or more MUD loggers to separately maintain a MUD log for the volume. Through enabling the MUD loggers to communicate, the MUD loggers may update their respective MUD logs. Each MUD log includes information for one or more epochs, where the information for each of the epochs indicates a set of one or more regions that have been modified during the corresponding epoch.

Abstract translation: 公开了在实现基于网络的虚拟化的系统中执行用于卷的MUD日志记录的方法和装置。 这是通过使两个或多个MUD记录器能够单独维护该卷的MUD日志来实现的。 通过启用MUD记录器进行通信，MUD记录器可以更新其各自的MUD日志。 每个MUD日志包括一个或多个纪元的信息，其中每个历元的信息指示在相应历元期间被修改的一个或多个区域的集合。

公开(公告)号：US20070143552A1

公开(公告)日：2007-06-21

申请号：US11316026

申请日：2005-12-21

Applicant: Gaurav Rastogi ,  Rajesh Bhandari ,  Samar Sharma ,  Fabio Maino

Inventor： Gaurav Rastogi ,  Rajesh Bhandari ,  Samar Sharma ,  Fabio Maino

IPC: G06F13/00

CPC classification number: H04L63/1458 ,  G06F11/3409 ,  H04L63/101 ,  H04L67/1097

Abstract: Disclosed are methods and apparatus for detecting anomalies in a storage area network (SAN). Provided are one or more anomaly type(s) and corresponding actions to be performed when the one or more anomaly types are detected. Traffic in the SAN is then inspected in order to detect the one or more provided anomaly type(s). When a one of the provided one or more anomaly type(s) is detected, one or more of the corresponding action(s) is performed. The provided anomaly type(s) may include one or more of the following: a read or write access pattern anomaly, excessive login or control requests, a bandwidth usage anomaly, a configuration anomaly, and a hardware anomaly. The provided corresponding actions may include logging and/or publishing the detected anomaly, enabling capture of the detected anomaly by an analysis device, re-authentication of a host that is responsible for the anomaly, disable access control for a host that is responsible for the anomaly, rate control of an anomalous link, and shut down of an anomalous link.

Abstract translation: 公开了用于检测存储区域网络（SAN）中的异常的方法和装置。 提供当检测到一个或多个异常类型时要执行的一个或多个异常类型和相应的动作。 然后检查SAN中的流量，以便检测一个或多个所提供的异常类型。 当检测到所提供的一个或多个异常类型中的一个时，执行相应动作中的一个或多个。 所提供的异常类型可以包括以下中的一个或多个：读取或写入访问模式异常，过度登录或控制请求，带宽使用异常，配置异常和硬件异常。 所提供的相应动作可以包括记录和/或发布检测到的异常，从而能够通过分析设备捕获检测到的异常，对负责异常的主机进行重新认证，禁止负责该异常的主机的访问控制 异常链路的异常速率控制，异常链路的关闭。

公开(公告)号：US20070094466A1

公开(公告)日：2007-04-26

申请号：US11256450

申请日：2005-10-21

Applicant: Samar Sharma ,  Silvano Gai ,  Dinesh Dutt ,  Sanjaya Kumar ,  Umesh Mahajan

Inventor： Samar Sharma ,  Silvano Gai ,  Dinesh Dutt ,  Sanjaya Kumar ,  Umesh Mahajan

IPC: G06F12/16

CPC classification number: G06F11/2064 ,  G06F3/0605 ,  G06F3/061 ,  G06F3/0635 ,  G06F3/0665 ,  G06F3/067 ,  G06F11/2069 ,  G06F11/2082 ,  G06F11/2087 ,  G06F2201/84 ,  H04L67/1095 ,  H04L67/1097

Abstract: A technique is provided for implementing online mirroring of a volume in a storage area network. A first instance of the volume is instantiated at a first port of the fibre channel fabric for enabling I/O operations to be performed at the volume. One or more mirroring procedures may be performed at the volume. In at least one implementation, the first port is able to perform first I/O operations at the volume concurrently while the mirroring procedures are being performed at the first volume. In one implementation, the mirroring procedures may be implemented at a fabric switch of the storage area network. Additionally, in at least one implementation, multiple hosts may be provided with concurrent access to the volume during the mirroring operations without serializing the access to the volume.

Abstract translation: 提供了一种用于实现存储区域网络中的卷的在线镜像的技术。 该卷的第一个实例在光纤通道结构的第一个端口处被实例化，以便在卷上执行I / O操作。 可以在体积上执行一个或多个镜像过程。 在至少一个实现中，第一个端口能够在第一个卷执行镜像过程时同时执行卷上的第一个I / O操作。 在一个实现中，可以在存储区域网络的结构交换机处实现镜像过程。 此外，在至少一个实现中，可以在镜像操作期间向多个主机提供对卷的并发访问，而不对序列化对卷的访问。

公开(公告)号：US20070094465A1

公开(公告)日：2007-04-26

申请号：US11256292

申请日：2005-10-21

Applicant: Samar Sharma ,  Silvano Gai ,  Dinesh Dutt ,  Sanjaya Kumar ,  Umesh Mahajan

Inventor： Samar Sharma ,  Silvano Gai ,  Dinesh Dutt ,  Sanjaya Kumar ,  Umesh Mahajan

IPC: G06F12/16

CPC classification number: G06F11/2069 ,  G06F11/2064 ,  G06F11/2082 ,  G06F11/2087 ,  G06F2201/84

Abstract: A technique is provided for implementing online mirroring of a volume in a storage area network. A first instance of the volume is instantiated at a first port of the fibre channel fabric for enabling I/O operations to be performed at the volume. One or more mirroring procedures may be performed at the volume. In at least one implementation, the first port is able to perform first I/O operations at the volume concurrently while the mirroring procedures are being performed at the first volume. In one implementation, the mirroring procedures may be implemented at a fabric switch of the storage area network. Additionally, in at least one implementation, multiple hosts may be provided with concurrent access to the volume during the mirroring operations without serializing the access to the volume.

Abstract translation: 提供了一种用于实现存储区域网络中的卷的在线镜像的技术。 该卷的第一个实例在光纤通道结构的第一个端口处被实例化，以便在卷上执行I / O操作。 可以在体积上执行一个或多个镜像过程。 在至少一个实现中，第一个端口能够在第一个卷执行镜像过程时同时执行卷上的第一个I / O操作。 在一个实现中，可以在存储区域网络的结构交换机处实现镜像过程。 此外，在至少一个实现中，可以在镜像操作期间向多个主机提供对卷的并发访问，而不对序列化对卷的访问。

公开(公告)号：US20060168192A1

公开(公告)日：2006-07-27

申请号：US10984195

申请日：2004-11-08

Applicant: Samar Sharma ,  Rahul Chari ,  Sanjaya Kumar

Inventor： Samar Sharma ,  Rahul Chari ,  Sanjaya Kumar

IPC: G06F15/173 ,  G06F15/16

CPC classification number: H04L67/1097 ,  G06F11/2028 ,  H04L69/40

Abstract: Methods and apparatus provide formation and management of intelligent application clusters in a storage area network. Disk arbitration mechanisms ensure that a cluster is owned by a single member. In the event of a network partition, each cluster member involved arbitrates to gain ownership of a cluster. High availability mechanisms allow monitoring of system resources and effective failover capabilities.

Abstract translation: 方法和装置提供了存储区域网络中智能应用集群的形成和管理。 磁盘仲裁机制确保集群由单个成员拥有。 在网络分区的情况下，每个集群成员都会仲裁以获得集群的所有权。 高可用性机制允许监视系统资源和有效的故障切换功能。

公开(公告)号：US06816489B1

公开(公告)日：2004-11-09

申请号：US09685329

申请日：2000-10-05

Applicant: Abhijit Patra ,  Samar Sharma

Inventor： Abhijit Patra ,  Samar Sharma

IPC: H04L1228

CPC classification number: H04L49/253 ,  H04L49/203 ,  H04L49/309 ,  H04L49/606

Abstract: An apparatus and method of using same for associating a tag with each packet in an ATM switch to eliminate the need for an OVC table, thus saving both egress processing time and memory resources. The tag includes both a type of switching identifier and a per-logical-interface or per-external-VC information field. A packet received by the egress packet processing engine has associated with it (by the control plane) a frame control word containing a new cell header (NCH) corresponding to the OVC on which the packet was received from the fabric. This NCH contains the tag used to expedite egress processing. In one embodiment of the present invention, The tag value is provided in two fields, a tag type and a tag parameter. The tag type represents a code for different data path applications. The tag parameter takes on multiple values based on the tag type. The present invention efficiently uses the OVC to NCH mapping to map many OVCs to a small set of tags coded within the switch's NCH so that, rather than having to do an extra look-up in the egress engine in a large and non-scaleable OVC table, the egress engine has only to look in a small, fully-scaleable tag table. In fact, in one embodiment, no egress look-up is required at all.

Abstract translation: 一种用于将标签与ATM交换机中的每个分组关联以消除对OVC表的需要的装置和方法，从而节省了出口处理时间和存储资源。 该标签包括一种类型的交换标识符和每个逻辑接口或每个外部VC信息字段。 由出口分组处理引擎接收到的分组已经通过控制平面与控制平面相关联，该帧控制字包含与从组织接收分组的OVC对应的新信元报头（NCH）。 该NCH包含用于加速出口处理的标签。 在本发明的一个实施例中，标签值被提供在两个字段中，标签类型和标签参数。 标签类型代表不同数据路径应用程序的代码。 标签参数根据标签类型占用多个值。 本发明有效地使用OVC到NCH映射以将许多OVC映射到在交换机的NCH内编码的一小组标签，使得不必在大型和不可扩展的OVC中对出口引擎进行额外的查找 表格中，出口引擎只能查看一个小型，完全可扩展的标签表。 实际上，在一个实施例中，根本不需要出口查找。