摘要:
Architecture that provides model-based systems management in virtualized and non-virtualized environments. A security component provides security models which define security requirements for services. A management component applies one or more of the security models during the lifecycle of virtual machines and services. The lifecycle can include initial deployment, expansion, moving servers, monitoring, and reporting. The architecture creates a formal description model of how a virtual machine or a service (composition of multiple virtual machines) is secured. The security requirements information can also be fed back to the general management system which uses this information in its own activities such as to guide the placement of workloads on servers can be security related.
摘要:
Architecture that provides additional data that can be obtained and employed in security models in order to provide security to services over the service lifecycle. The architecture automatically propagates security classifications throughout the lifecycle of the service, which can include initial deployment, expansion, moving servers, monitoring, and reporting, for example, and further include classification propagation from the workload (computer), classification propagation in the model, classification propagation according to the lineage of the storage location (e.g., virtual hard drive), status propagation in the model and classification based on data stored in the machine.
摘要:
Architecture that provides additional data that can be obtained and employed in security models in order to provide security to services over the service lifecycle. The architecture automatically propagates security classifications throughout the lifecycle of the service, which can include initial deployment, expansion, moving servers, monitoring, and reporting, for example, and further include classification propagation from the workload (computer), classification propagation in the model, classification propagation according to the lineage of the storage location (e.g., virtual hard drive), status propagation in the model and classification based on data stored in the machine.
摘要:
Described herein are one or more implementations of a policy-management infrastructure that provides a universal policy-based solution across a spectrum of scenarios in a computing environment. At least one implementation of the policy-management infrastructure defines how policy-based data is structured or layered relative towards the data in other layers. Furthermore, a described implementation provides a mechanism for determining “overlap” and “conflicts” in policies.
摘要:
Described herein are one or more implementations of a policy-management infrastructure that provides a universal policy-based solution across a spectrum of scenarios in a computing environment. At least one implementation of the policy-management infrastructure defines how policy-based data is structured or layered relative towards the data in other layers. Furthermore, a described implementation provides a mechanism for determining “overlap” and “conflicts” in policies.
摘要:
Described is a technology by which a system corresponding to a large scale application is built from subsystems that are differentiated from one another based on characteristics of each subsystem. Example characteristics include availability, reliability, redundancy, statefulness and/or performance. Subsystems are matched to known design patterns, based on each subsystem's individual characteristics. Each subsystem's characteristics are associated with that subsystem for subsequent use in operation of the system, e.g., for managing/servicing the subsystem. The known design patterns may be provided in a library, in a programming framework, in conjunction with a development tool, and/or as data associated with one or more operating system services, server systems and/or hosted services that include at least one configuration, policy and or schema. Certain design patterns and/or characteristics patterns may be blocked to prevent their usage.
摘要:
Model-based system monitoring includes accessing a model of a system that includes multiple components and executing a monitoring policy to monitor performance of the system. A notification of a problem is received from a first component. A determination is made regarding the cause of the problem. The determination is made, at least in part, based on the model of the system. At least one component associated with the cause of the problem is then identified.
摘要:
Model-based system monitoring includes identifying multiple monitors configured to monitor multiple components in a system, and accessing multiple health models associated with the multiple monitors. A monitoring policy is generated to monitor the system. The monitoring policy is derived, at least in part, from the multiple health models.
摘要:
Automation of retrieval of stored graphs in a multi-user system having a central processing facility with processes that create and translate graphical representation into varying levels of readable expression. The created, translated representations are stored in system storage in the form of graph files. The invention is expressed as a method that tabularizes stored graph files by table entries, each identifying a specific graph and including a listing of the corresponding graph files produced for the graph. When a user of the system identifies a graph by table entry and specifies a machine output or modification function to be performed on the identified graph, the tabularized entries are searched to locate an entry for the identified graph. Once the correct table entry is found, the graph file listing is searched according to a user-specified representation preference ordering in the form of a priority schedule to determine whether a specified output function can be performed with any of the stored graph files stored for the identified graph. If a match is found between one of the representations stored for the graph and one of the representations in the priority schedule, the matched file is retrieved from storage and translated to the level required for the function. The translated file is then dispatched to a graphical output device for performance of the function.
摘要:
Model-based system monitoring includes accessing a model of a system that includes multiple components and identifying relationships among the multiple components based on the model of the system. A proposed change to at least one of the multiple components is identified. A determination is made regarding an expected impact on the system caused by the proposed change. This determination is made, at least in part, based on the model of the system.