Abstract: A method includes receiving, at a server, a request from a user to access an enterprise network system. The user is authenticated at the server, by receiving first unique credentials from the user. The user's access to a plurality of services external to the enterprise network system is facilitated, in response to receiving the first unique credentials from the user. Each of the plurality of services requires respective unique services credentials associated with the user, to access a respective unique account associated with the user. The method includes receiving, from the user, a selection of one of the plurality of services. The respective unique services credentials associated with the user are determined, for the selected one of the plurality of services. A connection between the server and the selected one of the plurality of services is established, using the respective unique services credentials associated with the user.

Abstract: A method and apparatus of simulating performance characteristics of a virtual machine are disclosed. An example method may include selecting and inserting a virtual machine into a business application service group that includes a plurality of enterprise network devices, initiating a simulation sequence for a predetermined amount of time, recording results of the simulation sequence, and storing the results in memory.

Abstract: A network ontology can be determined for at least one node indicated for migration. The network ontology can describe nodes with which the indicated node has a communication relationship. These nodes and the indicated node can be added to a migration group, and each node of the migration group can be migrated to a cloud infrastructure.

Abstract: Virtual machine resources may be monitored for optimal allocation. One example method may include monitoring a virtual machine operating in a network to determine whether at least one predefined service tier threshold has been exceeded for a predefined amount of time, initiating a query to determine current performance threshold data of the at least one predefined service tier threshold from a database, determining at least one component state of at least one component of the virtual machine based on the at least one service tier threshold assigned to the at least one component, and reallocating the resource provided by the virtual machine when the component state indicates a high warning state.

Abstract: A method includes receiving, at a server, a request from a user to access an enterprise network system. The user is authenticated at the server, by receiving first unique credentials from the user. The user's access to a plurality of services external to the enterprise network system is facilitated, in response to receiving the first unique credentials from the user. Each of the plurality of services requires respective unique services credentials associated with the user, to access a respective unique account associated with the user. The method includes receiving, from the user, a selection of one of the plurality of services. The respective unique services credentials associated with the user are determined, for the selected one of the plurality of services. A connection between the server and the selected one of the plurality of services is established, using the respective unique services credentials associated with the user.

Abstract: A method includes receiving, at a server, a request from a user to access an enterprise network system using a client device. The user is authenticated by receiving first unique enterprise credentials from the user. The user's access to a plurality of services external to the enterprise network system is facilitated, in response to receiving the unique enterprise credentials from the user, wherein each of the plurality of services requires respective unique services credentials associated with the user, for access. A selection of one of the plurality of services is received from the user. It is determined whether the user is classified as a privileged user or a non-privileged user. The method includes selecting between first and second policies depending upon the determination whether the user is classified as a privileged user or a non-privileged user. The first policy may include recording a session between the user and the selected one of the plurality of services, at the server.

Abstract: A method and apparatus of determining enterprise network component dependency in a business application service group is disclosed. An example method may include collecting performance data of present operating conditions of a plurality of network components operating in the enterprise network and storing the performance data in memory. The method may also include extracting ontological component data of the plurality of network components from the collected performance data, and comparing the collected performance data with predefined service tier threshold parameters. The method may also include establishing direct and indirect relationships between the plurality of network components based on the determined operational relationships, and assigning a steady state to the established direct and indirect relationships.

Abstract: An example method of automatically establishing a baseline of virtual machines operating in a network may include parsing service group ontology information stored of an established service group to determine components of a business application service group that are communicating with one another. The example method may also include tracking the current state of the business application service group to determine if any changes have occurred since a previous service business application service group configuration, and, if so, updating the ontology information to reflect those changes, and generating a list of candidate virtual machines that are candidates for participating in the established baseline.

Abstract: An exemplary method may include collecting performance data of present operating conditions of network components operating in an enterprise network, extracting ontological component data of the network components from the collected performance data, comparing the collected performance data with predefined service tier threshold parameters, and determining if the ontological component data represents operational relationships between the network components, and establishing direct and indirect relationships between the network components based on the determined operational relationships and establishing a business application service group based on the ontological component data.

Abstract: An agent is deployed to a node of an enterprise network, where the agent is configured to establish communication with the enterprise network after migration of the node to a cloud infrastructure. Further, the node is migrated to the cloud infrastructure, and communication is established between the node and the enterprise network using the agent.

Abstract: Virtual machine resources may be monitored for optimal allocation. One example method may include generating a list of virtual machines operating in a network and surveying the virtual machines to determine their current resource usage data. The method may also include ranking the virtual machines based on their current resource usage data to indicate available resources of the virtual machines, and assigning the virtual machines to at least one business application service group (BASG) that requires the available resources of the virtual machines.

Abstract: At least one agent is deployed to one or more nodes of a network. At least one message is received from the agent, and at least one configuration change is determined from the message. Next, a record comprising one or more parameters of the configuration change is generated and stored in a database.

Abstract: One or more business process application service groups may be categorized. An ontological definition of an enterprise network can then be analyzed to identify one or more structures within the enterprise network that correlate to the one or more categorized business process application service groups.

Abstract: A primary application comprising one or more executables is defined, and a network ontology for the primary application is determined and stored in a database, where the network ontology comprises one or more nodes of an enterprise network that communicate during execution of the one or more executables. Next, a change of state for at least one of the nodes is detected and used to determine one or more elements of the network ontology for the primary application that have a changed state. Further, an impact summary view is generated to indicate the elements of the primary application that have a changed state, and the impact summary view is displayed to a user.

Abstract: An ontology is generated for a business application on an enterprise network that describes one or more nodes that communicate with each other during the execution of the business application. An alert condition of the business application is detected, and the ontology for the business application is processed to determine one or more components of the ontology that are in an alert state. Further, a root cause view that indicates the one or more alert state components is generated and displayed to a user.

Abstract: A method and system provide security for a communication network and for one or more nodes within the network. Software can be distributed throughout the network from a centralized location or administrative console. The software can be made resident in the kernel of the operating system of a receiving node. The software can provide an observation functionality, an analysis functionality, a reporting functionality and a remediation functionality or some subset of those functionalities.

Abstract: Network traffic analysis is performed by deploying, across a network having a plurality of network nodes, at least one data collection agent, on at least two of the plurality of network nodes. Each data collection agent may monitor at each network node, a plurality of network connections instantiated during a monitoring time period. Data resulting from the monitoring is acquired from the data collection agents and an ontological description of the network is automatically created from the acquired data. The ontological description is dynamically updated and network traffic analysis is performed using the dynamically updating ontological description.

Abstract: A method and system for a communication network containing both trusted peers and untrusted hosts within the network. Trusted peers can collaborate with each other to observe and monitor the activity of the untrusted hosts. In addition, a trusted peer instantiated with a virtual machine can have an operating system kernel collaborate with a hypervisor to determine whether threats are present. A trusted peer that needs particular functionality installed can collaborate with other trusted peers and with an administrative console to have that functionality installed. An untrusted host can have a driver directly inserted into it by an administration console, which will facilitate in the collaboration process.

Abstract: An ontology is generated for a business application on an enterprise network that describes one or more nodes that communicate with each other during the execution of the business application. An alert condition of the business application is detected, and the ontology for the business application is processed to determine one or more components of the ontology that are in an alert state. Further, a root cause view that indicates the one or more alert state components is generated and displayed to a user.

Abstract: A method and apparatus of simulating performance characteristics of a virtual machine are disclosed. An example method may include selecting and inserting a virtual machine into a business application service group that includes a plurality of enterprise network devices, initiating a simulation sequence for a predetermined amount of time, recording results of the simulation sequence, and storing the results in memory.