公开(公告)号：US12041125B2

公开(公告)日：2024-07-16

申请号：US17866053

申请日：2022-07-15

Applicant: VMware LLC

Inventor： Jonathon Deriso ,  Saransh Bhatnagar ,  Rahul Parwani ,  Brian Link ,  Mohan Guttikonda ,  Satish Venkatakrishnan

IPC: G06F15/16 ,  H04L41/0604 ,  H04L67/01 ,  H04L67/104 ,  H04L67/1074 ,  H04L67/306

CPC classification number: H04L67/1078 ,  H04L41/0627 ,  H04L67/01 ,  H04L67/1044 ,  H04L67/306

Abstract: Disclosed are various embodiments for recognizing state changes in client devices and managing the state of client devices using device-driven management workflows. A computing device can receive a state of a client device. The computing device can then determine if the received state matches an expected, compliant state of the client device. When the computing device determines that the received state does not match the expected state, the computing device can identify a remedial workflow that would bring the client device into compliance. The computing device can send the remedial workflow and an instruction to run the remedial workflow to the client device.

公开(公告)号：US20240231865A1

公开(公告)日：2024-07-11

申请号：US18150342

申请日：2023-01-05

Applicant: VMware LLC

Inventor： Ronak Doshi ,  Cheng-Chun Tu ,  Guolin Yang ,  Boon Seong Ang ,  Peng Li

IPC: G06F9/455 ,  H04L69/22

CPC classification number: G06F9/45533 ,  H04L69/22

Abstract: Described herein are systems, methods, and software to offload an eXpress Data Path (XDP) operation from a virtual machine to the hypervisor or smart network interface on the host. In one implementation, a method includes, in a virtual machine on a host, passing an XDP configuration for the virtual machine to a hypervisor on the host. The method further includes, in the hypervisor initiating a process to implement the XDP configuration, identifying a packet directed to the virtual machine, and applying the process to the packet to determine an action for the packet.

公开(公告)号：US20240231837A1

公开(公告)日：2024-07-11

申请号：US18152686

申请日：2023-01-10

Applicant: VMware LLC

Inventor： Marcus Armando Benedetto Campi ,  Anjaneya Prasad Gondi

IPC: G06F9/4401

CPC classification number: G06F9/4416

Abstract: Methods, apparatus, systems, and articles of manufacture are disclosed to integrate smartNICs into platform management systems. A disclosed example includes determining a presence of a smart network interface card based on detection of a kernel-to-kernel network interface card; classifying a request from a client application, the request to obtain sensor data; determining whether the request is to be sent to a server hardware baseboard management controller or the smart network interface card; based on the determination, causing sending of the request to the smart network interface card, the request to cause the smart network interface card to obtain the sensor data from a sensor corresponding to the smart network interface card; and accessing a response from the smart network interface card, the response indicative of at least one sensor data record corresponding to the sensor.

公开(公告)号：US12032985B2

公开(公告)日：2024-07-09

申请号：US17245229

申请日：2021-04-30

Applicant: VMware, Inc.

Inventor： Stephen Jonathan Parry-Barwick ,  Maxwell Christopher Fox ,  Paul Adam Ryman ,  Yingfeng Ou

IPC: G06F9/455 ,  G06F8/65 ,  G06F9/445 ,  G06F9/54 ,  H04L9/32

CPC classification number: G06F9/45558 ,  G06F8/65 ,  G06F9/44505 ,  G06F9/54 ,  H04L9/3247 ,  G06F2009/45575 ,  G06F2009/45587 ,  G06F9/547

Abstract: Examples of enterprise management using managed virtual machines are described. Virtual machine files can be extracted from a virtual machine package and stored on a host device. The virtual machine files can include a managed virtual machine configuration file, an NVRAM file, and a virtual disk file, as well as other files. A digital signature of the managed virtual machine package can be verified. The digital signature can be based on the managed virtual machine configuration file, the NVRAM file, and a virtual disk file. The managed virtual machine can be added to a virtual machine inventory of the host desktop hypervisor and executed.

公开(公告)号：US20240220310A1

公开(公告)日：2024-07-04

申请号：US18609649

申请日：2024-03-19

Applicant: VMware LLC

Inventor： Bing NIU ,  Jin HE ,  Qi LIU ,  Sheng FANG ,  Xiangdong CHE ,  Xiangjun SONG

IPC: G06F9/455 ,  G06F9/445 ,  G06F12/1045 ,  G06F13/40

CPC classification number: G06F9/45558 ,  G06F9/44505 ,  G06F12/1045 ,  G06F13/4022 ,  G06F2009/45583

Abstract: An example method of offloading a compute task to an accelerator by an application executing in a host cluster includes: sending, by an application executing in an initiator host, the compute task to a virtual accelerator in the initiator host, the virtual accelerator paired with a hardware accelerator in a target host of the host cluster; forwarding, by the virtual accelerator, the compute task to the hardware accelerator in the target host over a network; and receiving, at the application via the virtual accelerator, a result of the compute task from the hardware accelerator over the network.

公开(公告)号：US20240214412A1

公开(公告)日：2024-06-27

申请号：US18342101

申请日：2023-06-27

Applicant: VMware LLC

Inventor： Zhen MO ,  Vijay GANTI ,  Debessay Fesehaye KASSA ,  Barak RAZ ,  Honglei LI

IPC: H04L9/40

CPC classification number: H04L63/1441 ,  H04L63/0236 ,  H04L63/1416 ,  H04L63/1425 ,  H04L63/20

Abstract: The disclosure provides an approach for detecting and preventing attacks in a network. Embodiments include determining a plurality of network behaviors of a process by monitoring the process. Embodiments include generating a plurality of intended states for the process based on subsets of the plurality of network behaviors. Embodiments include determining a plurality of intended state clusters by applying a clustering technique to the plurality of intended states. Embodiments include determining a state of the process. Embodiments include identifying a given cluster of the plurality of intended state clusters that corresponds to the state of the process. Embodiments include selecting a novelty detection technique based on a size of the given cluster. Embodiments include using the novelty detection technique to determine, based on the given cluster and the state of the process, whether to generate a security alert for the process.

公开(公告)号：US20240211294A1

公开(公告)日：2024-06-27

申请号：US18146221

申请日：2022-12-23

Applicant: VMware LLC

Inventor： Petr Vandrovec ,  Ivan Dimitrov Velevski

IPC: G06F9/455 ,  H04L9/08 ,  H04L9/32

CPC classification number: G06F9/45558 ,  H04L9/0877 ,  H04L9/3263 ,  G06F2009/45587

Abstract: Techniques for implementing a read-only mode for a virtual TPM device are provided. In one set of embodiments, while operating in this read-only mode, the virtual TPM device will not generate, store, or allow the use of any security sensitive data, thereby avoiding the security risks arising out of replicating (e.g., cloning) a VM or VM template that includes the device.

公开(公告)号：US12020091B2

公开(公告)日：2024-06-25

申请号：US18337401

申请日：2023-06-19

Applicant: VMware, Inc.

Inventor： Huiyong Huo ,  Zhongzheng Tu ,  Mingsheng Zang ,  Weigang Huang ,  Jinxing Hu

IPC: G06F9/44 ,  G06F9/451 ,  G06F9/54 ,  H04L67/141

CPC classification number: G06F9/547 ,  G06F9/452 ,  H04L67/141

Abstract: A system is described for establishing a nested bridge to improve data exchange between a client device and a second virtual desktop accessed by the client device through a first virtual desktop in a nested mode configuration. The nested bridge can be established between a virtual desktop agent of the first virtual desktop and a virtual desktop client of the second virtual desktop, both of which can run in the first virtual desktop, to enable fast and efficient exchange of data between the agent and client within the first virtual desktop. The nested bridge can be utilized in conjunction with virtual channels connecting the client device to the first virtual desktop and virtual channels connecting the first virtual desktop to the second virtual desktop for exchanging data between the client device and the second virtual desktop to enable various features.

公开(公告)号：US12020040B2

公开(公告)日：2024-06-25

申请号：US17711937

申请日：2022-04-01

Applicant: VMware, Inc.

Inventor： Kalyan Devarakonda ,  Praveen Tirumanyam

IPC: G06F9/445

CPC classification number: G06F9/44505

Abstract: A method of managing configurations of SDDCs of a tenant includes the steps of: retrieving a base configuration document, a first supplemental configuration document of a first SDDC, and a second supplemental configuration document of a second SDDC; issuing, to the first SDDC, a first instruction to update a running configuration state thereof according to the base configuration document and the first supplemental configuration document; and issuing, to the second SDDC, a second instruction to update a running configuration state thereof according to the base configuration document and the second supplemental configuration document, wherein the base configuration document includes settings of first configuration properties common across all of the tenant's SDDCs, the first supplemental configuration document includes first settings of second configuration properties only applicable to the first SDDC, and the second supplemental configuration document includes second settings of the second configuration properties only applicable to the second SDDC.

公开(公告)号：US12020011B2

公开(公告)日：2024-06-25

申请号：US16116595

申请日：2018-08-29

Applicant: VMware LLC

Inventor： Swapneel Ambre ,  Sudipto Mukhopadhyay

IPC: G06F8/65 ,  G06F8/71 ,  G06F9/455 ,  G06F16/901 ,  G06F16/907 ,  H04L67/00

CPC classification number: G06F8/65 ,  G06F8/71 ,  G06F9/45558 ,  G06F16/9024 ,  G06F16/907 ,  H04L67/34

Abstract: In a method for managing an upgrade of a virtualization infrastructure component, a plurality of metadata manifests corresponding to a plurality of software upgrade bundles is received, a software upgrade bundle for upgrading a virtualization infrastructure component from a source version to a target version, a metadata manifest comprising a listing of applications comprised within a corresponding software upgrade bundle and installation instructions for the applications comprised within the corresponding software upgrade bundle for upgrading the virtualization infrastructure component from a particular source version to a particular target version. A directed acyclic graph of available upgrade paths for the virtualization infrastructure component is populated based on the plurality of metadata manifests, wherein nodes identify the source versions and the target versions and edges identify the software upgrade bundle for upgrading the virtualization infrastructure component from the particular source version to the particular target version identified by the corresponding software upgrade bundle.