Abstract: Virtual machine resources may be monitored for optimal allocation. One example method may include monitoring a virtual machine operating in a network to determine whether at least one predefined service tier threshold has been exceeded for a predefined amount of time, initiating a query to determine current performance threshold data of the at least one predefined service tier threshold from a database, determining at least one component state of at least one component of the virtual machine based on the at least one service tier threshold assigned to the at least one component, and reallocating the resource provided by the virtual machine when the component state indicates a high warning state.

Abstract: A method and apparatus of determining enterprise network component dependency in a business application service group is disclosed. An example method may include collecting performance data of present operating conditions of a plurality of network components operating in the enterprise network and storing the performance data in memory. The method may also include extracting ontological component data of the plurality of network components from the collected performance data, and comparing the collected performance data with predefined service tier threshold parameters. The method may also include establishing direct and indirect relationships between the plurality of network components based on the determined operational relationships, and assigning a steady state to the established direct and indirect relationships.

Abstract: Virtual machine resources may be monitored for optimal allocation. One example method may include generating a list of virtual machines operating in a network and surveying the virtual machines to determine their current resource usage data. The method may also include ranking the virtual machines based on their current resource usage data to indicate available resources of the virtual machines, and assigning the virtual machines to at least one business application service group (BASG) that requires the available resources of the virtual machines.

Abstract: An example method of automatically establishing a baseline of virtual machines operating in a network may include parsing service group ontology information stored of an established service group to determine components of a business application service group that are communicating with one another. The example method may also include tracking the current state of the business application service group to determine if any changes have occurred since a previous service business application service group configuration, and, if so, updating the ontology information to reflect those changes, and generating a list of candidate virtual machines that are candidates for participating in the established baseline.

Abstract: An exemplary method may include collecting performance data of present operating conditions of network components operating in an enterprise network, extracting ontological component data of the network components from the collected performance data, comparing the collected performance data with predefined service tier threshold parameters, and determining if the ontological component data represents operational relationships between the network components, and establishing direct and indirect relationships between the network components based on the determined operational relationships and establishing a business application service group based on the ontological component data.

Abstract: A method and system provide security for a communication network and for one or more nodes within the network. Software can be distributed throughout the network from a centralized location or administrative console. The software can be made resident in the kernel of the operating system of a receiving node. The software can provide an observation functionality, an analysis functionality, a reporting functionality and a remediation functionality or some subset of those functionalities.

Abstract: A method and system provide security for a communication network and for one or more nodes within the network. Software can be distributed throughout the network from a centralized location or administrative console. The software can be made resident in the kernel of the operating system of a receiving node. The software can provide an observation functionality, an analysis functionality, a reporting functionality and a remediation functionality or some subset of those functionalities.

Abstract: An ontology is generated for a business application on an enterprise network that describes one or more nodes that communicate with each other during the execution of the business application. An alert condition of the business application is detected, and the ontology for the business application is processed to determine one or more components of the ontology that are in an alert state. Further, a root cause view that indicates the one or more alert state components is generated and displayed to a user.

Abstract: At least one agent is deployed to one or more nodes of a network. At least one message is received from the agent, and at least one configuration change is determined from the message. Next, a record comprising one or more parameters of the configuration change is generated and stored in a database.

Abstract: A network ontology can be determined for at least one node indicated for migration. The network ontology can describe nodes with which the indicated node has a communication relationship. These nodes and the indicated node can be added to a migration group, and each node of the migration group can be migrated to a cloud infrastructure.

Abstract: An agent is deployed to a node of an enterprise network, where the agent is configured to establish communication with the enterprise network after migration of the node to a cloud infrastructure. Further, the node is migrated to the cloud infrastructure, and communication is established between the node and the enterprise network using the agent.

Abstract: One or more business process application service groups may be categorized. An ontological definition of an enterprise network can then be analyzed to identify one or more structures within the enterprise network that correlate to the one or more categorized business process application service groups.

Abstract: A primary application comprising one or more executables is defined, and a network ontology for the primary application is determined and stored in a database, where the network ontology comprises one or more nodes of an enterprise network that communicate during execution of the one or more executables. Next, a change of state for at least one of the nodes is detected and used to determine one or more elements of the network ontology for the primary application that have a changed state. Further, an impact summary view is generated to indicate the elements of the primary application that have a changed state, and the impact summary view is displayed to a user.

Abstract: An ontology is generated for a business application on an enterprise network that describes one or more nodes that communicate with each other during the execution of the business application. An alert condition of the business application is detected, and the ontology for the business application is processed to determine one or more components of the ontology that are in an alert state. Further, a root cause view that indicates the one or more alert state components is generated and displayed to a user.

Abstract: A method and system for a communication network containing both trusted peers and untrusted hosts within the network. Trusted peers can collaborate with each other to observe and monitor the activity of the untrusted hosts. In addition, a trusted peer instantiated with a virtual machine can have an operating system kernel collaborate with a hypervisor to determine whether threats are present. A trusted peer that needs particular functionality installed can collaborate with other trusted peers and with an administrative console to have that functionality installed. An untrusted host can have a driver directly inserted into it by an administration console, which will facilitate in the collaboration process.

Abstract: Network traffic analysis is performed by deploying, across a network having a plurality of network nodes, at least one data collection agent, on at least two of the plurality of network nodes. Each data collection agent may monitor at each network node, a plurality of network connections instantiated during a monitoring time period. Data resulting from the monitoring is acquired from the data collection agents and an ontological description of the network is automatically created from the acquired data. The ontological description is dynamically updated and network traffic analysis is performed using the dynamically updating ontological description.

Abstract: A method and system for a communication network containing both trusted peers and untrusted hosts within the network. Trusted peers can collaborate with each other to observe and monitor the activity of the untrusted hosts. In addition, a trusted peer instantiated with a virtual machine can have an operating system kernel collaborate with a hypervisor to determine whether threats are present. A trusted peer that needs particular functionality installed can collaborate with other trusted peers and with an administrative console to have that functionality installed. An untrusted host can have a driver directly inserted into it by an administration console, which will facilitate in the collaboration process.

Abstract: A method and system provide security for a communication network and for one or more nodes within the network. Software can be distributed throughout the network from a centralized location or administrative console. The software can be made resident in the kernel of the operating system of a receiving node. The software can provide an observation functionality, an analysis functionality, a reporting functionality and a remediation functionality or some subset of those functionalities.

Abstract: A method and system for a communication network containing both trusted peers and untrusted hosts within the network. Trusted peers can collaborate with each other to observe and monitor the activity of the untrusted hosts. In addition, a trusted peer instantiated with a virtual machine can have an operating system kernel collaborate with a hypervisor to determine whether threats are present. A trusted peer that needs particular functionality installed can collaborate with other trusted peers and with an administrative console to have that functionality installed. An untrusted host can have a driver directly inserted into it by an administration console, which will facilitate in the collaboration process.

Abstract: The analysis system is a collection, configuration and integration of software programs that reside on multiple interconnected computer platforms. The software, less computer operating systems, is a combination of sensor, analysis, data conversion, and visualization programs. The hardware platforms consist of several different types of interconnected computers, which share the software programs, data files, and visualization programs via a Local Area Network (LAN). This collection and integration of software and the migration to a single computer platform results in an approach to LAN/WAN monitoring in either a passive and/or active mode. The architecture permits digital data input from external sensors for analysis, display and correlation with data and displays derived from four major software concept groups. These are: Virus Computer Code Detection; Analysis of Computer Source and Executable Code; Dynamic Monitoring of Data Communication Networks; 3-D Visualization and Animation of Data.