Abstract:
One example system includes an export engine to generate an environment-agnostic configuration file and an environment properties data structure based on a server program executing in the environment. The environment-agnostic configuration file includes representations of a set of environment-dependent attributes from the set of configuration information, each representation for an environment-dependent attribute including at least one token that replaces a value of the attribute in the representation, and representations of members of a set of environment-independent attributes from the set of configuration information that are equivalent between two different environments. The environment properties data structure has, for each environment, a value that corresponds to the at least one token. An example system may compare previously generated files with current files to identify differences. Differences that represent malicious changes can trigger restoration of the configuration using the previously generated files.
Abstract:
According to one general aspect, a method of using a first probing device may include monitoring one or more encrypted communications sessions between a first computing device and a second computing device. In some implementations of the method, each encrypted communications session includes transmitting a plurality of encrypted data objects between the first and second computing devices. The method may include deriving, by the first probing device, timing information regarding an encrypted communications session. The method may also include transmitting, from the first probing device to a second probing device, the derived timing information.
Abstract:
Systems and methods for stateless system management are described. Examples include a method wherein a user sends the management system a request to act upon a managed system. The management system determines whether the user is authorized for the requested action. Upon authorization, the management system looks up an automation principal, which is a security principal native to the managed system. The management system retrieves connecting credentials for the automation principal, and connects to the managed system using the retrieved credentials. Once the managed system is connected, the management system performs the requested action on the managed system, and sends the result back to the user.
Abstract:
A credential store provides for secure storage of credentials. A credential stored in the credential store is encrypted with the public key of a user owning the credential. A first user may provide a credential owned by the first user to a second user. The first user may add credentials owned by the first user to the credential store. An administrator may manage users of the credential store without having the ability to provide credentials to those users.
Abstract:
A method and system for configuring heterogeneous servers across a network through modules that can browse, snapshot, track changes, track compliance, correct server objects on each of the servers, and provision new servers is provided. In one embodiment, server objects on multiple servers can be browsed in real time. While browsing, a collection of server object identifiers can be selected and collected in a template. The values of the server objects identified in the template can be recorded for a “gold server” through a “snapshot” process, which collects the values and saves them in a reference model. By comparing other live servers to the reference model, discrepancies in configuration of the other live servers can be identified and corrected. The reference models can also be used to provision a new server. As an alternative to the reference model, an arbitrary snapshot or scheduled snapshots of a server can be used to track change and compliance in that server.
Abstract:
A method and system for executing and undoing distributed server change operations for a collection of server objects across multiple target servers in a transaction-safe manner is provided. In one embodiment, server change operations for a collection of server objects, such as files and configuration file entries, are specified in a transaction package. The target servers to which the specified change operations are directed are also identified in the transaction package. Parameter values for each of the identified target servers are specified through a parameter file in the transaction package. The transaction package is sent to the identified target servers, which execute the change operations on the target servers in a transaction-safe manner using these parameter values.
Abstract:
A method and system for managing a large number of servers and their server components distributed throughout a heterogeneous computing environment is provided. In one embodiment, an authenticated user, such as an IT system administrator, can securely and simultaneously control and configure multiple servers, supporting different operating systems, through a “virtual server.” A virtual server is an abstract model representing a collection of actual target servers. To represent multiple physical servers as one virtual server, abstract system calls that extend execution of operating-system-specific system calls to multiple servers, regardless of their supported operating systems, are used. A virtual server is implemented by a virtual server client and a collection of virtual server agents associated with a collection of actual servers.
Abstract:
An information technology (IT) asset management system provides for logically grouping IT assets and performing actions on the logical groups. Cluster analysis techniques are used to analyze the configuration data corresponding to IT assets in the IT asset management system, generating proposed logical groups from the clusters determined by the cluster analysis techniques. A system administrator may be allowed to accept or reject the proposed logical groups.
Abstract:
In a general aspect, a computer-implemented method can include receiving a request to provision a plurality of containers of an application across a plurality of data center hosts and iteratively placing the plurality of containers on the plurality of data center hosts. The containers can be selected for placement based on one of a locality constraint and an association with previously-placed containers. Placement of a selected container can be based on, at least, compute requirements of the selected container, network requirements of the selected container, configuration of the plurality of data center hosts, and performance metrics for the plurality of data center hosts.