SYSTEM AND METHOD FOR DISCOVERY ENRICHMENT IN AN INTELLIGENT WORKLOAD MANAGEMENT SYSTEM
First Claim
1. A system for discovery enrichment in an intelligent workload management system, comprising:
- an authentication server that generates authentication tokens defining entitlements for a plurality of unique identities across a plurality of authentication domains, wherein the authentication server generates the authentication tokens from federated identity information stored in an identity vault;
a discovery engine that discovers a model describing an operational state for an information technology infrastructure and enriches the model with the federated information stored in the identity vault and actual activity monitored for the plurality of unique identities in the information technology infrastructure, wherein the discovery engine is configured to;
discover, from the federated information stored in the identity vault, information that describes one or more physical resources and one or more virtualized resources in the information technology infrastructure, one or more applications and one or more services running in the information technology infrastructure, and dependencies between the physical resources, the virtualized resources, the applications, and the services;
discover information that describes the plurality of unique identities access to the physical resources, the virtualized resources, the applications, and the services in the infrastructure, wherein the discovered access information includes the entitlements defined in the authentication tokens generated at the authentication server and the actual activity monitored for the plurality of unique identities in the infrastructure; and
capture a snapshot of the model of the information technology infrastructure, wherein the snapshot includes the information that describes the physical resources, the virtualized resources, the applications, and the services, the dependencies between the physical resources, the virtualized resources, the applications, and the services, and the discovered access information; and
a management infrastructure that manages the captured snapshot of the infrastructure model, wherein the management infrastructure is configured to;
detect one or more problems or incidents in the information technology infrastructure in response to determining that the captured snapshot of the infrastructure model violates one or more predetermined policies; and
manage one or more remediation workloads in response to detecting the one or more problems or incidents in the information technology infrastructure.
16 Assignments
0 Petitions
Accused Products
Abstract
The system and method described herein for discovery enrichment in an intelligent workload management system may include a computing environment having a model-driven, service-oriented architecture for creating collaborative threads to manage workloads. In particular, the management threads may converge information for managing identities and access credentials, which may provide information that can enrich discovery of physical and virtual infrastructure resources. For example, a discovery engine may reference federated identity information stored in an identity vault and enrich a discovered infrastructure model with the federated identity information. Thus, the model may generally include information describing physical and virtualized resources in the infrastructure, applications and services running in the infrastructure, and information derived from the federated identity information that describes dependencies between the physical resources, the virtualized resources, the applications, and the services.
499 Citations
20 Claims
-
1. A system for discovery enrichment in an intelligent workload management system, comprising:
-
an authentication server that generates authentication tokens defining entitlements for a plurality of unique identities across a plurality of authentication domains, wherein the authentication server generates the authentication tokens from federated identity information stored in an identity vault; a discovery engine that discovers a model describing an operational state for an information technology infrastructure and enriches the model with the federated information stored in the identity vault and actual activity monitored for the plurality of unique identities in the information technology infrastructure, wherein the discovery engine is configured to; discover, from the federated information stored in the identity vault, information that describes one or more physical resources and one or more virtualized resources in the information technology infrastructure, one or more applications and one or more services running in the information technology infrastructure, and dependencies between the physical resources, the virtualized resources, the applications, and the services; discover information that describes the plurality of unique identities access to the physical resources, the virtualized resources, the applications, and the services in the infrastructure, wherein the discovered access information includes the entitlements defined in the authentication tokens generated at the authentication server and the actual activity monitored for the plurality of unique identities in the infrastructure; and capture a snapshot of the model of the information technology infrastructure, wherein the snapshot includes the information that describes the physical resources, the virtualized resources, the applications, and the services, the dependencies between the physical resources, the virtualized resources, the applications, and the services, and the discovered access information; and a management infrastructure that manages the captured snapshot of the infrastructure model, wherein the management infrastructure is configured to; detect one or more problems or incidents in the information technology infrastructure in response to determining that the captured snapshot of the infrastructure model violates one or more predetermined policies; and manage one or more remediation workloads in response to detecting the one or more problems or incidents in the information technology infrastructure.
-
-
2. A system for discovery enrichment in an intelligent workload management system, comprising:
-
an identity vault that stores federated information defining entitlements for a plurality of unique identities across a plurality of authentication domains; an authentication server that generates authentication tokens defining the entitlements for the plurality of unique identities from the federated information stored in the identity vault; a discovery engine that discovers a model describing an operational state for an information technology infrastructure and enriches the model with the federated information stored in the identity vault and actual activity monitored for the plurality of unique identities in the information technology infrastructure, wherein the discovery engine is configured to; discover, from the federated information stored in the identity vault, information that describes one or more physical resources and one or more virtualized resources in the information technology infrastructure; discover, from the federated information stored in the identity vault, information that describes one or more applications and one or more services running in the information technology infrastructure; discover, from the federated information stored in the identity vault, information that describes dependencies between the physical resources, the virtualized resources, the applications, and the services discovered in the information technology infrastructure; discover information that describes the plurality of unique identities access to the physical resources, the virtualized resources, the applications, and the services in the infrastructure, wherein the discovered access information includes the entitlements defined in the authentication tokens generated at the authentication server and the actual activity monitored for the plurality of unique identities in the infrastructure; and capture a snapshot of the model of the information technology infrastructure, wherein the snapshot includes the information that describes the physical resources, the virtualized resources, the applications, and the services, the dependencies between the physical resources, the virtualized resources, the applications, and the services, and the discovered access information. - View Dependent Claims (3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A method for discovery enrichment in an intelligent workload management system, comprising:
-
storing, in an identity vault, federated information defining entitlements for a plurality of unique identities across a plurality of authentication domains; generating, at an authentication server, authentication tokens defining the entitlements for the plurality of unique identities from the federated information stored in the identity vault; and discovering, by a discovery engine, a model describing an operational state for an information technology infrastructure enriched with the federated information stored in the identity vault and actual activity monitored for the plurality of unique identities in the information technology infrastructure, wherein discovering the model of the information technology infrastructure includes; discovering, from the federated information stored in the identity vault, information that describes one or more physical resources and one or more virtualized resources in the information technology infrastructure; discovering, from the federated information stored in the identity vault, information that describes one or more applications and one or more services running in the information technology infrastructure; discovering, from the federated information stored in the identity vault, information that describes dependencies between the physical resources, the virtualized resources, the applications, and the services discovered in the information technology infrastructure; discovering information that describes the plurality of unique identities access to the physical resources, the virtualized resources, the applications, and the services in the infrastructure, wherein the discovered access information includes the entitlements defined in the authentication tokens generated at the authentication server and the actual activity monitored for the plurality of unique identities in the infrastructure; and capturing a snapshot of the model of the information technology infrastructure, wherein the snapshot includes the discovered information that describes the physical resources, the virtualized resources, the applications, and the services, the dependencies between the physical resources, the virtualized resources, the applications, and the services, and the discovered access information. - View Dependent Claims (13, 14, 15, 16, 17, 18, 19, 20)
-
Specification