公开(公告)号：US20160359907A1

公开(公告)日：2016-12-08

申请号：US14728584

申请日：2015-06-02

Applicant: VMware, Inc.

Inventor： William LAM

IPC: H04L29/06

CPC classification number: H04L63/20 ,  G06F21/629 ,  H04L63/1433

Abstract: In a computer-implemented method for automatically auditing virtual machines for security hardening compliance security policies of virtual machines in a virtualization infrastructure are accessed by a centralized compliance manager of the virtualization infrastructure. Security hardening compliance of the virtual machines automatically audited based on the security policies by the centralized compliance manager.

Abstract translation: 在用于自动审计虚拟机以实现安全性强化的计算机实现的方法中，虚拟化基础设施中的虚拟机的安全策略由虚拟化基础设施的集中式合规管理器访问。 根据中央合规经理的安全策略自动审核虚拟机的安全性加强合规性。

公开(公告)号：US20220382849A1

公开(公告)日：2022-12-01

申请号：US17399088

申请日：2021-08-11

Applicant: VMWARE, INC.

Inventor： Avi SHARMA ,  Sri Narayanan THANGA NADAR ,  Shivakumar SOMAPUR ,  Ashok ALETTY ,  Kshitiz SHARMA ,  Gyanendra Pratap SINGH ,  William LAM ,  Ankita SHARMA ,  Ahil KANNA

IPC: G06F21/44 ,  G06F21/30 ,  G06F9/50 ,  G06F9/455

Abstract: Credentials management and usage in application modernization can be implemented as computer-readable methods, media and systems. A notification identifying an application modernization operation is received. The operation is to be performed on an application deployed by multiple resources arranged in multiple hierarchical levels. A resource residing at a hierarchical level of the multiple hierarchical levels is identified. The application modernization operation is to be performed on the identified resource which has a resource type. A search for a credential is performed. The credential grants access to the resource to enable performing the application modernization operation. In response to the searching, a credential included in the multiple credentials is identified. The identified credential grants access either to the resource or to resources of the resource type. In response to receiving the notification, the identified credential is provided.

公开(公告)号：US20160359906A1

公开(公告)日：2016-12-08

申请号：US14728484

申请日：2015-06-02

Applicant: VMware, Inc.

Inventor： William LAM

IPC: H04L29/06

CPC classification number: H04L63/20 ,  G06F21/629

Abstract: In a computer-implemented method for automatic security hardening of an entity at time of creation in a virtualization infrastructure, creation of an entity is initiated in the virtualization infrastructure. In response to initiating provisioning of the entity, security policy is automatically associated to the entity such that the entity is automatically security hardened at the time of provisioning.

Abstract translation: 在虚拟化基础设施中创建时，实体自动安全加固的计算机实现方法中，在虚拟化基础架构中启动实体的创建。 响应于实体的发起配置，安全策略自动地与实体相关联，使得实体在配置时自动进行安全加密。

公开(公告)号：US20220066787A1

公开(公告)日：2022-03-03

申请号：US17403399

申请日：2021-08-16

Applicant: VMware, Inc.

Inventor： Andrei WARKENTIN ,  Harvey TUCH ,  William LAM

IPC: G06F9/4401 ,  G06F9/455 ,  G06F8/61

Abstract: Examples provide for automatically provisioning hosts in a cloud environment. A cloud daemon generates a cloud host-state configuration, for a given cloud instance of a host, stored on a cloud metadata service prior to first boot of the given cloud instance of the host. A first boot of a plurality of cloud instances of hosts is performed using a stateless, master boot image lacking host-specific configuration data. On completion of the first boot of a given cloud instance of a host, the cloud host-state configuration is installed on the master boot image to generate a self-configured boot image including host-specific configuration data for the given cloud instance of the host. A second boot is performed on the given cloud instance of the host by executing the self-configured boot image to automatically provision the given cloud instance of the host in the cloud environment.

公开(公告)号：US20160359908A1

公开(公告)日：2016-12-08

申请号：US14728659

申请日：2015-06-02

Applicant: VMware, Inc.

Inventor： William LAM

IPC: H04L29/06 ,  G06F9/455

CPC classification number: H04L63/20 ,  G06F9/45558 ,  G06F2009/45587 ,  H04L63/1433

Abstract: In a computer-implemented method for automatic real-time alerting of security hardening non-compliance security policies of virtual machines in a virtualization infrastructure are accessed. Impending non-compliance of at least one of said security policies is determined. In response to the impending non-compliance of at least one of said security policies, a real-time alert of the impending non-compliance of at least one of the security policies is automatically generated.

Abstract translation: 在计算机实现的方法中，可以访问虚拟化基础设施中虚拟机的安全性强化不合规安全策略的自动实时警报。 确定至少一个所述安全策略的不遵守。 响应于即将不遵守所述安全策略中的至少一个，自动生成对即将发生的至少一个安全策略的违规的实时警报。

公开(公告)号：US20160357968A1

公开(公告)日：2016-12-08

申请号：US14728720

申请日：2015-06-02

Applicant: VMware, Inc.

Inventor： William LAM

IPC: G06F21/57 ,  G06F9/455

Abstract: In a computer-implemented method for security hardening of a virtual machine at time of creation, creation of a virtual machine hosted by a pre-configured hyper-converged computing device is initiated in a virtualization infrastructure, wherein a centralized management tool is for centralized management of the virtualization infrastructure. User selected parameters for a security policy are accessed via the centralized management tool. The security policy is associated to the virtual machine such that the virtual machine is security hardened at the time of creation, wherein the security policy associated with the virtual machine comprises the user selected parameters.

Abstract translation: 在用于在创建时对虚拟机进行安全加固的计算机实现的方法中，在虚拟化基础设施中启动由预配置的超融合计算设备托管的虚拟机的创建，其中集中管理工具用于集中管理 的虚拟化基础设施。 通过集中管理工具访问用户选择的安全策略参数。 安全策略与虚拟机相关联，使得虚拟机在创建时被安全地加强，其中与虚拟机相关联的安全策略包括用户选择的参数。