CONTEXT-AWARE SERVICE QUERY FILTERING
    Invention publication

    Publication number: US20230208810A1

    Publication date: 2023-06-29

    Application number: US17673841

    Application date: 2022-02-17

    Applicant: VMWARE, INC.

    CPC classification number: H04L63/0254 H04L63/1491 H04L63/205

    Abstract: Example methods and systems for a computer system to perform context-aware service query filtering are described. One example may involve a computer system intercepting a service query from a virtualized computing instance to pause forwarding of the service query towards a destination; and obtaining context information associated with an application running on the virtualized computing instance. In response to determination that the service query is a potential security threat based on the context information, service query filtering may be performed to inspect the service query for malicious activity. Otherwise, in response to determination that the service query is not a potential security threat based on the context information, the service query filtering may be skipped and the service query forwarded towards the destination.

    ASSOCIATING SECURITY TAGS TO CONTINUOUS DATA PROTECTION CHECKPOINTS/SNAPSHOTS/POINT-IN-TIME IMAGES

    Publication number: US20210173689A1

    Publication date: 2021-06-10

    Application number: US16805873

    Application date: 2020-03-02

    Applicant: VMWARE, INC.

    Abstract: An in-guest agent in a virtual machine (VM) operates in conjunction with a replication module. The replication module performs continuous data protection (CDP) by saving images of the VM as checkpoints at a disaster recovery site over time. Concurrently, the in-guest agent monitors for behavior in the VM that may be indicative of the presence of malicious code. If the in-guest agent identifies behavior (at a particular point in time) at the VM that may be indicative of the presence of malicious code, the replication module can tag a checkpoint that corresponds to the same particular point in time as a security risk. One or more checkpoints generated prior to the particular time may be determined to be secure checkpoints that are usable for restoration of the VM.

    DATA-PLANE APPROACH FOR POLICY CONFIGURATION

    Publication number: US20240422195A1

    Publication date: 2024-12-19

    Application number: US18230695

    Application date: 2023-08-07

    Applicant: VMWARE, INC.

    Abstract: Example methods and systems for policy configuration using a data-plane approach are described. In one example, a first computer system may detect first data-plane packet(s) for establishing a connection between (a) a first virtualized computing instance and (b) a second computer system from which a resource is accessible. The first computer system may extract, from the first data-plane packet(s), parameter information associated with the connection; and configure a policy that is applicable for access control of the resource based on the parameter information. In response to detecting second data-plane packet(s) to access the resource, the computer system may apply the policy to allow or block forwarding of the second data-plane packet towards the second computer system. The second data-plane packet may originate from (a) the first virtualized computing instance or (b) a second virtualized computing instance supported by the first computer system.

    METHOD OF APPLYING SECURITY POLICIES TO VIRTUAL COMPUTING INSTANCES

    Publication number: US20240015184A1

    Publication date: 2024-01-11

    Application number: US17903035

    Application date: 2022-09-05

    Applicant: VMWARE, INC.

    Abstract: A method of applying a security policy to a virtual computing instance, according to an embodiment, includes: determining that a universally unique identifier (UUID) of the virtual computing instance does not match an identifier stored in a configuration file of the virtual computing instance; transmitting a request to register the virtual computing instance with a cloud platform for managing security policies of a virtual infrastructure that includes the virtual computing instance, the request including the UUID of the virtual computing instance and the identifier stored in the configuration file of the virtual computing instance; in response to the request, receiving an identifier of a security policy to be applied; and retrieving the security policy and applying the security policy to the virtual computing instance.

    MITIGATING SERVICE OVERRUNS
    Invention application

    Publication number: US20220109629A1

    Publication date: 2022-04-07

    Application number: US16952212

    Application date: 2020-11-19

    Applicant: Vmware, Inc.

    Abstract: Embodiments of the present disclosure relate to a method for preventing a service executing on a host machine from overrunning. The method receives, by the service running on the host machine, one or more packets via a data path. The method determines that the service is in or approaching an overrun state. Upon the determining, the method identifies a set of one or more virtual computing instances (VCIs) running on the host machine, and sends, via a first path different than the data path, a set of one or more signals to the set of VCIs, the one or more signals indicating to the set of VCIs to slow down transmitting network traffic via the data path.

    SECURITY POLICY ENFORCEMENT FOR ADDITIONAL INSTANCES OF AN APPLICATION

    Publication number: US20240205191A1

    Publication date: 2024-06-20

    Application number: US18106526

    Application date: 2023-02-07

    Applicant: VMWARE, INC.

    CPC classification number: H04L63/0263 H04L63/20

    Abstract: The disclosure provides an approach for firewall policy management. Embodiments include receiving, at a firewall from a first virtual computing instance (VCI), a registration request comprising a first identifier of the first VCI and a second identifier of a second VCI. Embodiments include determining, at the firewall, based on the second identifier included in the registration request, that the second VCI is associated with a network security policy at the firewall. Embodiments include applying, at the firewall, based on the first identifier included in the registration request, the network policy associated with the second VCI to the first VCI. Additionally, embodiments include allowing or disallowing network activity for the first VCI based on the applied network security policy.

    CONTAINER VISIBILITY AND OBSERVABILITY
    Invention publication

    Publication number: US20240020146A1

    Publication date: 2024-01-18

    Application number: US17950132

    Application date: 2022-09-22

    Applicant: VMWARE, INC.

    Abstract: Computer-implemented methods, media, and systems for providing container visibility and observability are disclosed. In one computer-implemented method, a host device connected to a cloud server detects a plurality of events comprising a first event, wherein the host device hosts a plurality of containers that generate the plurality of events. The host device identifies a first container identifier of the first event, checks a container tracking database to determine if the container tracking database includes the first container identifier. In response to determining that the container tracking database does not include the first container identifier, the host device creates a container start event indicating a start of a first container identified by the first container identifier, and sends the container start event to the cloud server for providing a container inventory that reflects statuses of the plurality of events and the plurality of containers in the host device.

    OPTIMIZING INSTANT CLONES THROUGH CONTENT BASED READ CACHE

    Publication number: US20230251967A1

    Publication date: 2023-08-10

    Application number: US17684450

    Application date: 2022-03-02

    Applicant: VMWARE, INC.

    CPC classification number: G06F12/0802 G06F9/45558 G06F2212/65

    Abstract: The disclosure provides an approach for content based read cache (CBRC) digest file creation. Embodiments include determining a mapping between entries in a CBRC and physical block addresses (PBAs) associated with a source virtual machine (VM). Embodiments include creating a clone VM based on the source VM. Embodiments include, for each data block associated with the clone VM: determining a PBA associated with a logical block address (LBA) of the data block, determining, based on the mapping, whether data associated with the PBA is cached in the CBRC, and, if the data associated with the PBA is cached in the CBRC, copying a hash of the data from a first digest file of the source VM to a second digest file of the clone VM and associating the hash with the LBA in the second digest file.
