Anti-malware scan management in high-availability virtualization environments
First Claim
1. A computer-implemented method of managing scanning in a virtualization environment, the method comprising:
- initiating scanning on a first virtual machine hosted in a first host machine that is hosting a first plurality of virtual machines, the first virtual machine being one of the first plurality of virtual machines;
saving a scan state of the first virtual machine, the scan state indicating status of the anti-malware scanning on the first virtual machine initiated in the first host machine;
migrating the first virtual machine and the scan state to a second host machine that is hosting a second plurality of virtual machines; and
performing scanning on the first virtual machine in the second host machine based on information from the scan state.
1 Assignment
0 Petitions
Accused Products
Abstract
A computer system for high-availability virtualization environment includes an originating host machine hosting several virtual machines. Anti-malware scanning on a virtual machine may be initiated in the originating host machine. Prior to completion of the anti-malware scanning, the virtual machine may be migrated to another, destination host machine. The anti-malware scanning on the virtual machine may be resumed in the destination host machine based on a scan state of the virtual machine. The anti-malware scanning of the virtual machine may be suspended and scheduled for execution in the destination host machine. A scan cache of the virtual machine may be preserved depending on information from the scan state. For example, the scan cache may be preserved and employed in the destination host machine when the originating and destination host machines use the same scan engine and pattern version.
99 Citations
20 Claims
-
1. A computer-implemented method of managing scanning in a virtualization environment, the method comprising:
-
initiating scanning on a first virtual machine hosted in a first host machine that is hosting a first plurality of virtual machines, the first virtual machine being one of the first plurality of virtual machines; saving a scan state of the first virtual machine, the scan state indicating status of the anti-malware scanning on the first virtual machine initiated in the first host machine; migrating the first virtual machine and the scan state to a second host machine that is hosting a second plurality of virtual machines; and performing scanning on the first virtual machine in the second host machine based on information from the scan state. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A computer system for a high-availability virtualization environment, the system comprising:
-
a first host machine hosting a first plurality of virtual machines, the first host machine being configured to save a scan state of a first virtual machine in the plurality of virtual machines, the scan state indicating status of an incomplete anti-malware scanning of the first virtual machine in the first host machine; and a second host machine hosting a second plurality of virtual machines, the second host machine being configured to receive the scan state and the first virtual machine, the second host machine being configured to resume execution of the incomplete anti-malware scanning of the first virtual machine based on the scan state. - View Dependent Claims (10, 11, 12, 13)
-
-
14. A computer-implemented method of managing anti-malware scanning in a virtualization environment, the method comprising:
-
a first host machine hosting a first plurality of virtual machines, each virtual machine in the first plurality of virtual machines executing programs like a physical machine; the first host machine hosting a first security virtual machine that initiates anti-malware scanning on a first virtual machine, the first security virtual machine and the first virtual machine being virtual machines in the plurality of virtual machines; a second host machine hosting a second plurality of virtual machines, each virtual machine in the second plurality of virtual machines executing programs like a physical machine, the first host machine being separate from the second host machine; the first host machine migrating the first virtual machine to the second virtual before completion of the anti-malware scanning on the first virtual machine initiated by the first security virtual machine in the first host machine; the second host machine receiving the first virtual machine together with a scan state of the first virtual machine before the anti-malware scanning on the first virtual machine initiated by the first security virtual machine in the first host machine has completed, the scan state indicating status of the anti-malware scanning on the first virtual machine initiated by the first security virtual machine in the first host machine; the second host machine scheduling anti-malware scanning on the first virtual machine in the second host machine; and the second host machine hosting a second security virtual machine that resumes the anti-malware scanning on the first virtual machine initiated by the first security virtual machine in the first host machine, the second security virtual machine being a virtual machine in the second plurality of virtual machines. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
Specification