System, method and apparatus for enterprise policy management
First Claim
1. A method for enterprise policy management, comprising:
- harvesting metadata about managed objects across network file systems residing in a computing environment, wherein the network file systems operate under various file system protocols at one or more physical locations, wherein the managed objects comprise files and directories, and wherein the harvesting comprises;
interacting with a file system abstraction layer/protocol adaptor to access the managed files and directories across the network file systems;
collecting raw metadata of the managed files and directories;
filtering the raw metadata in real time;
placing the filtered raw metadata in one or more volume metadata caches;
synthesizing synthetic metadata from the filtered raw metadata;
generating content-based metadata, wherein generating content-based metadata for a managed file comprises processing content of the file according to a type of the file to determine one or more content-specific entities within the file;
transforming the filtered raw metadata, the synthetic metadata, and the content-based metadata into metadata records having a common representation, wherein each of the metadata record comprises a set of attributes associated with a file or directory residing on the file systems;
processing the metadata records; and
placing processed metadata records in a metadata repository, each record linking a set of attributes to one of the managed objects in the network file systems;
configuring a management device with at least one filtering mechanism, wherein the management device is coupled to the network file systems and the metadata repository;
enabling a user to define a policy rule via a user interface to the management device, wherein the policy rule comprises a condition and a corresponding action and the condition is associated with the raw metadata, the synthetic metadata or the content-based metadata;
selecting from the metadata repository one or more metadata records having one or more attributes that satisfy the condition defined in the policy rule; and
applying the action defined in the policy rule to one or more of the managed objects in the network file systems that are associated with the one or more metadata records, thereby changing a state of the network file systems in accordance with the policy rule.
3 Assignments
0 Petitions
Accused Products
Abstract
Disclosed are systems, methods and apparatuses for managing objects in an enterprise environment according to policies. According to the invention, each policy rule ties a condition that conceptually lives in a repository to an appropriate action(s). Since each condition can be expressed in terms of metadata, policies can be applied and enforced over managed objects (files and directories) by allowing users to program appropriate corresponding action(s) via manipulating metadata stored in a metadata repository, e.g., a policy could prohibit storing MP3 files in corporate storage. In one embodiment, a user can specify a policy rule that ties the condition “no MP3 files in volumes A-Z” to an action “delete MP3 files from volumes A-Z” via a Web-based user interface. A harvester is disclosed for harvesting metadata across file systems.
-
Citations
20 Claims
-
1. A method for enterprise policy management, comprising:
-
harvesting metadata about managed objects across network file systems residing in a computing environment, wherein the network file systems operate under various file system protocols at one or more physical locations, wherein the managed objects comprise files and directories, and wherein the harvesting comprises; interacting with a file system abstraction layer/protocol adaptor to access the managed files and directories across the network file systems; collecting raw metadata of the managed files and directories; filtering the raw metadata in real time; placing the filtered raw metadata in one or more volume metadata caches; synthesizing synthetic metadata from the filtered raw metadata; generating content-based metadata, wherein generating content-based metadata for a managed file comprises processing content of the file according to a type of the file to determine one or more content-specific entities within the file; transforming the filtered raw metadata, the synthetic metadata, and the content-based metadata into metadata records having a common representation, wherein each of the metadata record comprises a set of attributes associated with a file or directory residing on the file systems; processing the metadata records; and placing processed metadata records in a metadata repository, each record linking a set of attributes to one of the managed objects in the network file systems; configuring a management device with at least one filtering mechanism, wherein the management device is coupled to the network file systems and the metadata repository; enabling a user to define a policy rule via a user interface to the management device, wherein the policy rule comprises a condition and a corresponding action and the condition is associated with the raw metadata, the synthetic metadata or the content-based metadata; selecting from the metadata repository one or more metadata records having one or more attributes that satisfy the condition defined in the policy rule; and applying the action defined in the policy rule to one or more of the managed objects in the network file systems that are associated with the one or more metadata records, thereby changing a state of the network file systems in accordance with the policy rule. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A computer program product comprising one or more computer readable storage media storing instructions translatable by one or more processors to perform:
-
harvesting metadata about managed objects across network file systems residing in a computing environment, wherein the network file systems operate under various file system protocols at one or more physical locations and wherein the managed objects comprise files and directories, wherein the harvested metadata comprises filtered raw metadata, synthetic metadata and content-based metadata and the content-based metadata for a managed file is generated by processing content of the file according to a type of the file to determine one or more content-specific entities within the file; storing records of harvested metadata in a metadata repository, each record linking a set of attributes to one of the managed objects in the network file systems; configuring a management device with at least one filtering mechanism, wherein the management device is coupled to the network file systems and the metadata repository; enabling a user to define a policy rule via a user interface to the management device, wherein the policy rule comprises a condition and a corresponding action and the condition is associated with the raw metadata, the synthetic metadata or the content-based metadata; selecting from the metadata repository one or more metadata records having one or more attributes that satisfy the condition defined in the policy rule; and applying the action defined in the policy rule to one or more of the managed objects in the network file systems that are associated with the one or more metadata records, thereby changing a state of the network file systems in accordance with the policy rule. - View Dependent Claims (9, 10, 11, 12, 13, 14)
-
-
15. A system for enterprise policy management, comprising:
-
a management device coupled to network file systems over a network, wherein the file systems operate under various file system protocols at one or more physical locations and wherein the management device is configured with at least one filtering mechanism and a user interface; one or more processors; and one or more computer readable storage media storing instructions translatable by the one or more processors to perform; harvesting metadata about managed objects across the network file systems, wherein the managed objects comprise files and directories, wherein the harvested metadata comprises filtered raw metadata, synthetic metadata and content-based metadata and the content-based metadata for a managed file is generated by processing content of the file according to a type of the file to determine one or more content-specific entities within the file; storing records of harvested metadata in a metadata repository, each record linking a set of attributes to one of the managed objects in the network file systems; enabling a user to define a policy rule via the user interface to the management device, wherein the policy rule comprises a condition and a corresponding action and the condition is associated with the raw metadata, the synthetic metadata or the content-based metadata; selecting from the metadata repository one or more metadata records having one or more attributes that satisfy the condition defined in the policy rule; and applying the action defined in the policy rule to one or more of the managed objects in the network file systems that are associated with the one or more metadata records, thereby changing a state of the network file systems in accordance with the policy rule. - View Dependent Claims (16, 17, 18, 19, 20)
-
Specification