-
公开(公告)号:US08336108B2
公开(公告)日:2012-12-18
申请号:US11867456
申请日:2007-10-04
IPC分类号: G06F21/00
CPC分类号: H04L63/126 , H04L63/14
摘要: A method and system for a communication network containing both trusted peers and untrusted hosts within the network. Trusted peers can collaborate with each other to observe and monitor the activity of the untrusted hosts. In addition, a trusted peer instantiated with a virtual machine can have an operating system kernel collaborate with a hypervisor to determine whether threats are present. A trusted peer that needs particular functionality installed can collaborate with other trusted peers and with an administrative console to have that functionality installed. An untrusted host can have a driver directly inserted into it by an administration console, which will facilitate in the collaboration process.
摘要翻译: 一种用于在网络中包含可信对等体和不可信主机的通信网络的方法和系统。 可信任的对等体可以相互协作来观察和监视不受信任的主机的活动。 此外,与虚拟机实例化的可信对等体可以使操作系统内核与管理程序协作以确定是否存在威胁。 需要安装特定功能的受信任对等体可以与其他受信任的对等体和管理控制台协作来安装该功能。 不受信任的主机可以由管理控制台直接插入驱动程序,这将有助于协作过程。
-
公开(公告)号:US20080320561A1
公开(公告)日:2008-12-25
申请号:US11867456
申请日:2007-10-04
IPC分类号: G06F15/16 , G06F15/173
CPC分类号: H04L63/126 , H04L63/14
摘要: A method and system for a communication network containing both trusted peers and untrusted hosts within the network. Trusted peers can collaborate with each other to observe and monitor the activity of the untrusted hosts. In addition, a trusted peer instantiated with a virtual machine can have an operating system kernel collaborate with a hypervisor to determine whether threats are present. A trusted peer that needs particular functionality installed can collaborate with other trusted peers and with an administrative console to have that functionality installed. An untrusted host can have a driver directly inserted into it by an administration console, which will facilitate in the collaboration process.
摘要翻译: 一种用于在网络中包含可信对等体和不可信主机的通信网络的方法和系统。 可信任的对等体可以相互协作来观察和监视不受信任的主机的活动。 此外,与虚拟机实例化的可信对等体可以使操作系统内核与管理程序协作以确定是否存在威胁。 需要安装特定功能的受信任对等体可以与其他受信任的对等体和管理控制台协作来安装该功能。 不受信任的主机可以由管理控制台直接插入驱动程序,这将有助于协作过程。
-
公开(公告)号:US08949827B2
公开(公告)日:2015-02-03
申请号:US12013314
申请日:2008-01-11
申请人: Daniel Lee Becker , Andrew W. Brandt , Vipul Sharma , Mark James Yourcheck , Stephen C. Carr , Tim Campbell
发明人: Daniel Lee Becker , Andrew W. Brandt , Vipul Sharma , Mark James Yourcheck , Stephen C. Carr , Tim Campbell
CPC分类号: G06F9/45558 , G06F2009/45591
摘要: A method and system provide tracking of a virtual machine by compiling information on the virtual machines in a network and sending the information to an administrative console. The administrative console can then determine the status of the virtual machines in the network. The administrative console can also establish a lineage of a virtual machine and the migration of a virtual machine from one host machine to another host machine. A virtual machine unique identifier assigned to each virtual machine by the system can be modified and used to track each virtual machine and associated host machine. A status can then be determined of the virtual machines, where the status can be a new virtual machine, a previously discovered virtual machine, a duplicated virtual machine, or a cloned virtual machine.
摘要翻译: 方法和系统通过在网络中的虚拟机上编译信息并将信息发送到管理控制台来提供对虚拟机的跟踪。 然后,管理控制台可以确定网络中虚拟机的状态。 管理控制台还可以建立一个虚拟机的血统,并将虚拟机从一台主机迁移到另一台主机。 可以修改由系统分配给每个虚拟机的虚拟机唯一标识符,并用于跟踪每个虚拟机和关联的主机。 然后可以确定虚拟机的状态,其中状态可以是新的虚拟机,先前发现的虚拟机,复制的虚拟机或克隆的虚拟机。
-
公开(公告)号:US20090182928A1
公开(公告)日:2009-07-16
申请号:US12013314
申请日:2008-01-11
申请人: Daniel Lee Becker , Andrew W. Brandt , Vipul Sharma , Mark James Yourcheck , Stephen C. Carr , Tim Campbell
发明人: Daniel Lee Becker , Andrew W. Brandt , Vipul Sharma , Mark James Yourcheck , Stephen C. Carr , Tim Campbell
CPC分类号: G06F9/45558 , G06F2009/45591
摘要: A method and system provide tracking of a virtual machine by compiling information on the virtual machines in a network and sending the information to an administrative console. The administrative console can then determine the status of the virtual machines in the network. The administrative console can also establish a lineage of a virtual machine and the migration of a virtual machine from one host machine to another host machine. A virtual machine unique identifier assigned to each virtual machine by the system can be modified and used to track each virtual machine and associated host machine. A status can then be determined of the virtual machines, where the status can be a new virtual machine, a previously discovered virtual machine, a duplicated virtual machine, or a cloned virtual machine.
摘要翻译: 方法和系统通过在网络中的虚拟机上编译信息并将信息发送到管理控制台来提供对虚拟机的跟踪。 然后,管理控制台可以确定网络中虚拟机的状态。 管理控制台还可以建立虚拟机的血统,并将虚拟机从一台主机迁移到另一台主机。 可以修改由系统分配给每个虚拟机的虚拟机唯一标识符,并用于跟踪每个虚拟机和关联的主机。 然后可以确定虚拟机的状态,其中状态可以是新的虚拟机,先前发现的虚拟机,复制的虚拟机或克隆的虚拟机。
-
5.
公开(公告)号:US20090183173A1
公开(公告)日:2009-07-16
申请号:US12013304
申请日:2008-01-11
申请人: Daniel Lee Becker , Vipul Sharma , Andrew W. Brandt , Dave Sheets
发明人: Daniel Lee Becker , Vipul Sharma , Andrew W. Brandt , Dave Sheets
IPC分类号: G06F9/54
CPC分类号: G06F9/45533 , G06F9/45558 , G06F2009/45595
摘要: A method and system provide information by which a host machine on which a virtual machine is running can be determined via a messaging channel between the virtual machines running on the host machine and the host machine. The virtual machine can then determine whether or not it should be executing. In order for the virtual machine to determine whether it can execute, it will need to know information about the host machine on which it will be running. Similarly, a virtual machine can determine whether it has been exposed to any viruses or whether a particular update has been run by knowing the host machines on which it has been run.
摘要翻译: 一种方法和系统提供可以通过主机上运行的虚拟机与主机之间的消息通道来确定运行虚拟机的主机的信息。 虚拟机然后可以确定它是否应该执行。 为了使虚拟机能够确定它是否可以执行,它将需要知道有关它将要运行的主机的信息。 类似地,虚拟机可以确定是否已经暴露于任何病毒,或者是否知道特定的更新已经运行在其上运行的主机上。
-
6.
公开(公告)号:US08984504B2
公开(公告)日:2015-03-17
申请号:US12013304
申请日:2008-01-11
申请人: Daniel Lee Becker , Vipul Sharma , Andrew W. Brandt , Dave Sheets
发明人: Daniel Lee Becker , Vipul Sharma , Andrew W. Brandt , Dave Sheets
CPC分类号: G06F9/45533 , G06F9/45558 , G06F2009/45595
摘要: A method and system provide information by which a host machine on which a virtual machine is running can be determined via a messaging channel between the virtual machines running on the host machine and the host machine. The virtual machine can then determine whether or not it should be executing. In order for the virtual machine to determine whether it can execute, it will need to know information about the host machine on which it will be running. Similarly, a virtual machine can determine whether it has been exposed to any viruses or whether a particular update has been run by knowing the host machines on which it has been run.
摘要翻译: 一种方法和系统提供可以通过主机上运行的虚拟机与主机之间的消息通道来确定运行虚拟机的主机的信息。 虚拟机然后可以确定它是否应该执行。 为了使虚拟机能够确定它是否可以执行,它将需要知道有关它将要运行的主机的信息。 类似地,虚拟机可以确定是否已经暴露于任何病毒,或者是否知道特定的更新已经运行在其上运行的主机上。
-
-
-
-
-