Determining network security policies during data center migration and detecting security violation
First Claim
Patent Images
1. A method comprising:
- receiving input data from a source environment to a destination data center environment wherein the source environment comprises a plurality of servers and one or more applications running on at least one of the servers;
discovering from the received data one or more patterns wherein the patterns comprise information regarding one or more of the plurality of servers running one or more of the applications that collectively perform a service;
analyzing the patterns to learn a recurring pattern, wherein learning the recurring pattern further comprises applying a multi-label learning algorithm to categorize the one or more discovered patterns;
determining a security policy for the recurring pattern;
storing the recurring pattern and the security policy determined for the recurring pattern in a database; and
implementing the determined security policy in the destination data center environment.
1 Assignment
0 Petitions
Accused Products
Abstract
Input data are received from a source environment comprising a plurality of servers and one or more applications running on at least one of the servers. One or more patterns are discovered from the received data comprising information regarding the plurality of servers running applications that collectively perform a service. The patterns are analyzed to learn a recurring pattern. A security policy is designed for the recurring pattern. The recurring pattern and the security policy designed for the recurring pattern is stored in a database.
23 Citations
17 Claims
-
1. A method comprising:
-
receiving input data from a source environment to a destination data center environment wherein the source environment comprises a plurality of servers and one or more applications running on at least one of the servers; discovering from the received data one or more patterns wherein the patterns comprise information regarding one or more of the plurality of servers running one or more of the applications that collectively perform a service; analyzing the patterns to learn a recurring pattern, wherein learning the recurring pattern further comprises applying a multi-label learning algorithm to categorize the one or more discovered patterns; determining a security policy for the recurring pattern; storing the recurring pattern and the security policy determined for the recurring pattern in a database; and implementing the determined security policy in the destination data center environment. - View Dependent Claims (2, 3, 4, 5, 6)
-
-
7. An apparatus, comprising:
-
a memory; and a processor operatively coupled to the memory and configured to; receive input data from a source environment to a destination data center environment wherein the source environment comprises a plurality of servers and one or more applications running on at least one of the servers; discover from the received data one or more patterns wherein the patterns comprise information regarding one or more of the plurality of servers running one or more of the applications that collectively perform a service; analyze the patterns to learn a recurring pattern, wherein learning the recurring pattern further comprises applying a multi-label learning algorithm to categorize the one or more discovered patterns; determine a security policy for the recurring pattern; store the recurring pattern and the security policy determined for the recurring pattern in a database; and implement the determined security policy in the destination data center environment. - View Dependent Claims (8, 9, 10, 11, 12)
-
-
13. An article of manufacture comprising a computer readable storage medium for storing computer readable program code which, when executed, causes a computer to:
-
receive input data from a source environment to a destination data center environment wherein the source environment comprises a plurality of servers and one or more applications running on at least one of the servers; discover from the received data one or more patterns wherein the patterns comprise information regarding one or more of the plurality of servers running one or more of the applications that collectively perform a service; to analyze the patterns to learn a recurring pattern, wherein learning the recurring pattern further comprises applying a multi-label learning algorithm to categorize the one or more discovered patterns; to determine a security policy for the recurring pattern; to store the recurring pattern and the security policy determined for the recurring pattern in a database; and implement the determined security policy in the destination data center environment. - View Dependent Claims (14, 15, 16, 17)
-
Specification