DATA LOSS VULNERABILITY DETECTION
    Invention publication

    Publication (announcement) number: US20230315583A1

    Publication (announcement) date: 2023-10-05

    Application number: US18132915

    Application date: 2023-04-10

    IPC classification: G06F11/14 G06F21/64 G06F16/17

    Abstract: An information management system can detect instances in which data is being stored in a non-standard file path and can alert the user of the client computing device, modify the storage policy to include the non-standard file path, and/or initiate a secondary copy operation to prevent data loss of the data stored in the non-standard file path. For example, a client computing device may execute a filter driver that monitors interactions with files in the file system. The filter driver can identify any non-standard file paths not subject to a storage policy that include files in which interactions occurred. For a non-standard file path, the filter driver can determine whether the frequency of interaction with files in the non-standard file path satisfies a threshold frequency. If the threshold is satisfied, then the filter driver may determine that the files should be subject to the storage policy and take appropriate action.

    SKIPPING DATA BACKED UP IN PRIOR BACKUP OPERATIONS

    Publication (announcement) number: US20220113873A1

    Publication (announcement) date: 2022-04-14

    Application number: US17445712

    Application date: 2021-08-23

    IPC classification: G06F3/06

    Abstract: Certain embodiments described herein relate to an improved selective data backup system. In some embodiments, one or more components in an information management system can determine that a portion of the primary data scheduled for backup was previously backed up or is scheduled to be backed up as part of another backup operation. For example, a data agent performing a cluster-level backup operation for an entire cluster of storage servers may check whether any part of the primary data was previously backed up by a prior server-level backup operation for one of the storage servers in the cluster. If so, the data agent may skip, in the cluster-level backup operation, any portion of the primary data stored in the storage server previously backed up as part of the prior server-level backup operation.

    RANSOMWARE DETECTION
    Invention application

    Publication (announcement) number: US20190108340A1

    Publication (announcement) date: 2019-04-11

    Application number: US16129609

    Application date: 2018-09-12

    IPC classification: G06F21/56 G06F16/17

    Abstract: This application relates to ransomware detection. Ransomware typically involves an I/O heavy process of encrypting data files and/or deleting or renaming the original files. Thus, ransomware attacks may be detected by analyzing the I/O activity in a given file system. In some embodiments, a software module running on a client machine monitors the I/O activity in a file system. The software module records the number of times the files in the file system are modified, created, deleted, and renamed. The recorded number is compared against a threshold. If the number exceeds the threshold, the software module provides an alert to the user of the client machine that the client machine may be under a ransomware attack. In some embodiments, index data gathered as part of backup operations is utilized, either alone or in combination with the continuously monitored I/O activity data, to detect ransomware attacks.

    ENTROPY-BASED RANSOMWARE DETECTION
    Invention publication

    Publication (announcement) number: US20230153438A1

    Publication (announcement) date: 2023-05-18

    Application number: US17526936

    Application date: 2021-11-15

    IPC classification: G06F21/56 G06F21/78 G06F11/14

    Abstract: A client computing device includes an entropy driver and a volume driver for protecting the client computing device against potential ransomware. The entropy driver is configured to determine one or more entropy values for a file in response to a determination that the file has been modified or changed. The determined entropy value may then be compared with a known entropy value for a filetype of the changed or modified file. Where the known entropy value and the determined entropy value differ, the volume driver may engage one or more protection operations to secure the client computing device from further corruption and/or modifications by potential ransomware and/or malware. The protection operations may include revoking and/or restricting one or more permissions on one or more storage volumes of the client computing device and backing up one or more files of the client computing device to secondary storage.

    EXTERNAL DYNAMIC VIRTUAL MACHINE SYNCHRONIZATION

    Publication (announcement) number: US20220206907A1

    Publication (announcement) date: 2022-06-30

    Application number: US17550231

    Application date: 2021-12-14

    Abstract: Embodiments disclosed herein include systems and processes for replicating one or more user computing systems of an information management system at an external resource system to create a backup or fallback of the user computing systems. Replicating the user computing systems may include replicating data as well as the applications, operating systems and configuration of the user computing systems. This replicated or fallback user computing system may be implemented on a virtual machine at the external resource system. Thus, if a user computing system becomes inaccessible, a new user computing system can be generated based on the backup copy of the user computing system at the external resource system. Further, in some embodiments, the copy of the user computing system may be interacted with at the external resource system. Thus, certain embodiments disclosed herein can be used to transition an information management system to an external resource system.