Security assessment of virtual machine environments
First Claim
Patent Images
1. A method comprising:
- identifying each virtual machine in a set of virtual machines managed by a virtual machine manager;
determining, for each virtual machine in the set, whether the respective virtual machine is online, wherein a first subset is determined to be offline and a second subset is determined to be online;
collecting, for each virtual machine in the first subset, a machine image of the virtual machine via the virtual machine manager;
causing a security tool authenticated by the virtual machine manager to assess security of each virtual machine in the first subset from the collected machine images;
loading a respective agent, via an application programming interface (API) of the virtual machine manager, on each virtual machine in the second subset, wherein each agent comprises logic to perform one or more security assessments within the corresponding online virtual machine and the API permits selective access to firewalled protected virtualized resources in the second subset of virtual machines; and
using the agents loaded on the virtual machines in the second subset to assess security of the corresponding virtual machines.
10 Assignments
0 Petitions
Accused Products
Abstract
Each virtual machine in a set of virtual machines managed by the virtual machine manager is identified. For each virtual machine in the set, it is determined whether the respective virtual machine is online. For at least the virtual machines determined to be offline, a machine image is collected for each offline virtual machine. Security of the offline virtual machines is assessed from the collected images. For virtual machines identified as online, an agent is loaded on each online virtual machine in the set via the virtual machine manager. The loaded agents are used to assess security of the online virtual machines in the set.
-
Citations
19 Claims
-
1. A method comprising:
-
identifying each virtual machine in a set of virtual machines managed by a virtual machine manager; determining, for each virtual machine in the set, whether the respective virtual machine is online, wherein a first subset is determined to be offline and a second subset is determined to be online; collecting, for each virtual machine in the first subset, a machine image of the virtual machine via the virtual machine manager; causing a security tool authenticated by the virtual machine manager to assess security of each virtual machine in the first subset from the collected machine images; loading a respective agent, via an application programming interface (API) of the virtual machine manager, on each virtual machine in the second subset, wherein each agent comprises logic to perform one or more security assessments within the corresponding online virtual machine and the API permits selective access to firewalled protected virtualized resources in the second subset of virtual machines; and using the agents loaded on the virtual machines in the second subset to assess security of the corresponding virtual machines. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. At least one non-transitory, machine-accessible storage medium having instructions stored thereon, the instructions when executed on a machine, cause the machine to:
-
identify each virtual machine in a set of virtual machines managed by a particular virtual machine manager; determine, for each virtual machine in the set of virtual machines, whether the respective virtual machine is online, wherein a first subset is determined to be offline and a second subset is determined to be online; collect, for each virtual machine in the first subset, a machine image of the virtual machine via the particular virtual machine manager; cause a security tool authenticated by the virtual machine manager to assess security of each virtual machine in the first subset from the collected machine images; load, on each virtual machine in the second subset, a respective agent, via an application programming interface (API) of the virtual machine manager, wherein each agent comprises logic to perform one or more security assessments within the corresponding online virtual machine and the API permits selective access to firewalled protected virtualized resources in the second subset of virtual machines; and direct the agents loaded on the virtual machines in the second subset to assess security of the corresponding virtual machines.
-
-
19. A system comprising:
-
at least one processor device; at least one memory element; and a security assessment module, adapted when executed by the at least one processor device to; identify each virtual machine in a set of virtual machines managed by a particular virtual machine manager; determine, for each virtual machine in the set of virtual machines, whether the respective virtual machine is online, wherein a first subset is determined to be offline and a second subset is determined to be online; collect, for each virtual machine in the first subset, a machine image of the virtual machine via the particular virtual machine manager; cause a security tool authenticated by the virtual machine manager to assess security of each virtual machine in the first subset from the collected machine images; load, via an API of the virtual machine manager, a respective agent, on each virtual machine in the second subset, wherein each agent comprises logic to perform one or more security assessments within the corresponding online virtual machine and the API permits selective access to firewalled protected virtualized resources in the second subset of virtual machines; and direct the agents loaded on the virtual machines in the second subset to assess security of the corresponding virtual machines.
-
Specification