Management of decommissioned server assets in a shared data environment
First Claim
Patent Images
1. A method for monitoring decommissioned servers, the method comprising:
- aggregating, by one or more processors, information associated with an environment, from a plurality of resources external to a server resource, wherein the plurality of resources external to the server resource provide a historical indication on activities related to the server resource within the environment, and wherein the information is directly gathered from monitoring address resolution protocol (ARP) cache data from a router;
analyzing, by one or more processors, the aggregated information associated with the environment;
calculating, by one or more processors, a baseline of server activity, based on a comparison of network activity from the ARP cache data associated with the environment, which shows decommissioned assets continuing to be active;
determining, by one or more processors, whether new information associated with the environment is consistent with the baseline of server activity, wherein network traffic and types of packets from decommissioned assets are used to detect whether new information associated with the environment is consistent with the baseline of server activity; and
responsive to determining that the new information associated with the environment is not consistent with the baseline of server activity, identifying the new information as a possible misuse and flagging the new information associated with unusual server activity.
1 Assignment
0 Petitions
Accused Products
Abstract
Embodiments of the present invention provide systems and methods for monitoring decommissioned servers in a shared data environment. Embodiments of the present invention can be used to aggregate information associated with an environment from external resources, and calculate a baseline of server activity from the aggregated information. When new information is received, it is compared to the baseline of server activity in order to determine a possible misuse of the server assets, when inconsistencies are detected between the baseline of activity and the new information.
-
Citations
1 Claim
-
1. A method for monitoring decommissioned servers, the method comprising:
-
aggregating, by one or more processors, information associated with an environment, from a plurality of resources external to a server resource, wherein the plurality of resources external to the server resource provide a historical indication on activities related to the server resource within the environment, and wherein the information is directly gathered from monitoring address resolution protocol (ARP) cache data from a router; analyzing, by one or more processors, the aggregated information associated with the environment; calculating, by one or more processors, a baseline of server activity, based on a comparison of network activity from the ARP cache data associated with the environment, which shows decommissioned assets continuing to be active; determining, by one or more processors, whether new information associated with the environment is consistent with the baseline of server activity, wherein network traffic and types of packets from decommissioned assets are used to detect whether new information associated with the environment is consistent with the baseline of server activity; and responsive to determining that the new information associated with the environment is not consistent with the baseline of server activity, identifying the new information as a possible misuse and flagging the new information associated with unusual server activity.
-
Specification