Big data analytics in a converged infrastructure system
First Claim
Patent Images
1. A method for analyzing data in a converged infrastructure system, the converged infrastructure comprising a data network, a network switch, and a storage network, the method comprising:
- capturing metadata associated with network traffic in the converged infrastructure via a Switch port analyzer (SPAN port) on the network switch enabled to collect the metadata from the data network;
wherein components of the converged infrastructure reside on a single rack;
capturing content data associated with the metadata via the SPAN port on the network switch enabled to collect the metadata from the data network;
capturing storage data associated with the metadata from the storage network connected to the network switch of the converged infrastructure;
sending, via the SPAN port, the storage data, the content data, and the metadata to a network monitoring connection; and
reconstructing network traffic path data corresponding to passwords that are stored in the storage network, identifying abnormal access patterns for the passwords and generating an indication of the abnormal access patterns by unknown destination devices by performing data analytics on the metadata, storage data, and the content data, wherein the abnormal access patterns include transmission of the passwords from different ranges of source IP addresses to one or more unknown destination devices.
9 Assignments
0 Petitions
Accused Products
Abstract
A method, a computer program product, a system for analyzing data in a converged infrastructure system, comprising capturing metadata associated with a network path via a port on a network switch enabled to collect metadata; capturing content data associated with the metadata via the port on the network switch enabled to collect metadata; and performing data analytics on the metadata and the content data.
23 Citations
15 Claims
-
1. A method for analyzing data in a converged infrastructure system, the converged infrastructure comprising a data network, a network switch, and a storage network, the method comprising:
-
capturing metadata associated with network traffic in the converged infrastructure via a Switch port analyzer (SPAN port) on the network switch enabled to collect the metadata from the data network;
wherein components of the converged infrastructure reside on a single rack;capturing content data associated with the metadata via the SPAN port on the network switch enabled to collect the metadata from the data network; capturing storage data associated with the metadata from the storage network connected to the network switch of the converged infrastructure; sending, via the SPAN port, the storage data, the content data, and the metadata to a network monitoring connection; and reconstructing network traffic path data corresponding to passwords that are stored in the storage network, identifying abnormal access patterns for the passwords and generating an indication of the abnormal access patterns by unknown destination devices by performing data analytics on the metadata, storage data, and the content data, wherein the abnormal access patterns include transmission of the passwords from different ranges of source IP addresses to one or more unknown destination devices. - View Dependent Claims (2, 7, 8, 9)
-
-
3. A computer program product for analyzing data in a converged infrastructure system including a data network, a network switch, and a storage network, the computer program product comprising:
-
a non-transitory computer readable medium encoded with computer executable program code, the code configured to enable one or more processor to execute; capturing metadata associated with network traffic in the converged infrastructure via a Switch port analyzer (SPAN port) on the network switch enabled to collect the metadata from the data network;
wherein components of the converged infrastructure reside on a single rack;capturing content data associated with the metadata via the SPAN port on the network switch enabled to collect the metadata from the data network; capturing storage data associated with the metadata from the storage network connected to the network switch of the converged infrastructure; sending, via the SPAN port, the storage data, the content data, and the metadata to a network monitoring connection; and reconstructing network traffic path data corresponding to passwords that are stored in the storage network, identifying abnormal access patterns for the passwords and generating an indication of the abnormal access patterns by unknown destination devices by performing data analytics on the metadata, storage data, and the content data, wherein the abnormal access patterns include transmission of the passwords from different ranges of source IP addresses to one or more unknown destination devices. - View Dependent Claims (4, 10, 11, 12)
-
-
5. A system for analyzing data in a converged infrastructure system, the system comprising:
-
a data network; a storage network; a network switch; and computer-executable logic operating in memory, wherein the computer-executable logic is configured for execution of; capturing metadata associated with network in the converged infrastructure via a Switch port analyzer (SPAN port) on the network switch enabled to collect the metadata from the data network;
wherein components of the converged infrastructure reside on a single rack;capturing content data associated with the metadata via the SPAN port on the network switch enabled to collect the metadata from the data network; capturing storage data associated with the metadata from the storage network connected to the network switch of the converged infrastructure; sending, via the SPAN port, the storage data, the content data, and the metadata to a network monitoring connection; and reconstructing network traffic path data corresponding to passwords that are stored in the storage network, identifying abnormal access patterns for the passwords and generating an indication of the abnormal access patterns by unknown destination devices by performing data analytics on the metadata, storage data, and the content data, wherein the abnormal access patterns include transmission of the passwords from different ranges of source IP addresses to one or more unknown destination devices. - View Dependent Claims (6, 13, 14, 15)
-
Specification