Reconfigurable virtualized remote computer security system
Abstract
Computer-implemented systems and methods are provided for performing computer network security operations with respect to a computer networked environment. A system and method can include deploying a computer network security apparatus at a company's location. A virtualization environment is provided for the computer network security apparatus to allow new configurations to be downloaded to the computer network security apparatus after it has been deployed.
17 Claims
1. An apparatus, comprising:
one or more computer network interfaces to;
acquire data related to a computer networked environment, and
send information to, and receive information from, a remote location that is external to the apparatus, the remote location including a library of security-related software programs;
a computer-readable storage medium to store information regarding a virtualization environment,
wherein the information regarding the virtualization environment includes information regarding a configuration of a first set of network security data collector programs,
wherein a particular network security data collector program, of the first set of network security data collector programs, generates computer network security analysis data based on the acquired data; and
one or more data processors upon which the virtualization environment and the one or more network security data collector programs execute;
wherein the virtualization environment facilitates downloading from the remote location of a second set of network security data collector programs, the second set of network security data collector programs being different from the first set of network security data collector programs,
wherein the second set of network security data collector programs includes one or more of the security-related software programs from the library;
wherein downloading the second set of network security data collector programs allows different computer network security analysis data, related to the computer networked environment, to be generated by the second set of network security data collector programs and stored in the computer-readable storage medium,
wherein downloading the second set of network security data collector programs occurs based on an identification of a new security threat to the computer networked environment,
wherein the one or more of the security-related software programs are selected based on the new security threat;
the apparatus further comprising software instructions for execution upon the one or more data processors for detecting a fault condition with respect to a blade containing a particular virtual machine that is configured to perform one or more computer network security operations with respect to the computer networked environment,
wherein upon detection of a fault condition, the virtual machine is transferred to another blade within the apparatus, and
wherein the transferring of the virtual machine allows the virtual machine to continue to operate in a degraded performance mode.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14.

15. A method, comprising:
acquiring, by one or more processors of a security device, data that is related to a computer networked environment;
storing, on a computer-readable storage medium associated with the security device, a virtualization environment that includes a configuration of a first set of network security data collector programs;
generating, by the one or more processors of the security device, via the one or more network security data collector programs of the first set of network security data collector programs, computer network security analysis data, the computer network security analysis data being based on the acquired data that is related to the computer networked environment, wherein the generated computer security analysis data indicates a security threat;
sending, by the one or more processors of the security device, the generated computer network security analysis data to a remote device, the remote device being physically separate from the security device;
receiving, based on the sent computer network security analysis data, by the security device, and from the remote device, a second set of network security data collector programs, the second set of network security data collector programs being different from the first set of network security data collector programs, wherein the second set of network security data collector programs are selected based on an identification of the security threat;
replacing, by the security device, the first set of network security data collector programs with the second set of network security data collector programs;
acquiring, after replacing the first set of network security data collector programs and by the security device, additional data related to the computer networked environment;
generating, by the one or more processors of the security device, via the second set of network security data collector programs, additional computer network security analysis data, the additional computer network security analysis data being based on the additional acquired data that is related to the computer networked environment;
detecting a fault condition with respect to a blade, of a particular apparatus comprising a plurality of blades, containing a particular virtual machine that is configured to perform one or more computer network security operations with respect to the computer networked environment; and
transferring, based on detecting the fault condition, the particular virtual machine to another blade of the particular apparatus, wherein the transferring of the virtual machine allows the virtual machine to continue to operate in a degraded performance mode.
Dependent claims: 16.

17. A non-transitory computer-readable medium, comprising:
a plurality of computer-executable instructions that, when executed by one or more processors of a security device, cause the one or more processors to;
acquire data that is related to a computer networked environment;
store a virtualization environment that includes a first configuration of a first set of network security data collector programs;
generate, via the one or more network security data collector programs of the first set of network security data collector programs, computer network security analysis data, the computer network security analysis data being based on the acquired data that is related to the computer networked environment, wherein the generated computer security analysis data indicates a security threat;
send the generated computer network security analysis data to a remote device, the remote device being physically separate from the security device;
receive, based on the sent computer network security analysis data, from the remote device, a second set of network security data collector programs, the second set of network security data collector programs being different from the first set of network security data collector programs, wherein the second set of network security data collector programs are selected based on an identification of the security threat;
generate, via the second set of network security data collector programs, additional computer network security analysis data related to the computer networked environment;
detect a fault condition with respect to a blade, of a particular apparatus comprising a plurality of blades, containing a particular virtual machine that is configured to perform one or more computer network security operations with respect to the computer networked environment; and
transfer, based on detecting the fault condition, the particular virtual machine to another blade of the particular apparatus, wherein the transferring of the virtual machine allows the virtual machine to continue to operate in a degraded performance mode.
Specification