Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.

Abstract: A method and related apparatus for performing inspection of flows within a software defined network includes monitoring an indicator indicative of a presence of malware in a selected flow in an electronic communications network, when the indicator suggests the presence of malware in the selected flow, requesting a network device to redirect the selected flow, or to copy the selected flow and send a resulting copy of the selected flow, to a security appliance, and causing the security appliance to be reconfigured in response to the indicator that suggest the presence of malware in the selected flow.

Abstract: A method and related apparatus for performing inspection of flows within a software defined network includes identifying a security appliance within a software defined network, identifying candidate traffic flows flowing in the software defined network to be inspected, selecting one of the candidate traffic flows for security inspection, and communicating with a software defined network controller to cause the one of the candidate traffic flows to be redirected towards the security appliance for inspection or to cause the one of the candidate traffic flows to be copied and a resulting copy thereof forwarded to the security appliance for inspection.

Abstract: A computer system with read/write access to storage devices creates a snapshot of a data volume at a point in time while continuing to accept access requests to the mirrored data volume by copying before making changes to the base data volume. Multiple snapshots may be made of the same data volume at different points in time. Only data that is not stored in a previous snapshot volume or in the base data volume are stored in the most recent snapshot volume.

Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.

Abstract: A method and related apparatus for performing inspection of flows within a software defined network includes identifying a security appliance within a software defined network, identifying candidate traffic flows flowing in the software defined network to be inspected, selecting one of the candidate traffic flows for security inspection, and communicating with a software defined network controller to cause the one of the candidate traffic flows to be redirected towards the security appliance for inspection or to cause the one of the candidate traffic flows to be copied and a resulting copy thereof forwarded to the security appliance for inspection.

Abstract: A computer system with read/write access to storage devices creates a snapshot of a data volume at a point in time while continuing to accept access requests to the mirrored data volume by copying before making changes to the base data volume. Multiple snapshots may be made of the same data volume at different points in time. Only data that is not stored in a previous snapshot volume or in the base data volume are stored in the most recent snapshot volume.

Abstract: Techniques are presented herein that allow for arranging traffic flows in a network, and using the capabilities for inspection, recording, and enforcement around the network, in a way that makes the best use of the resources. A software defined network (SDN) interface between the network and security applications exposes a programmatic way to control security resources around the network such that they are optimally utilized. The SDN interface prioritizes and optimizes the use of security elements in the network. Security requests with corresponding priorities are used by a network controller to direct traffic flows through appropriate security elements, such as recording, inspection, or enforcement elements. The configuration of traffic flows is optimized with respect to the capacity of the communication links, as well as the priority of the respective security requests.

Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.

Abstract: A computer system with read/write access to storage devices creates a snapshot of a data volume at a point in time while continuing to accept access requests to the mirrored data volume by copying before making changes to the base data volume. Multiple snapshots may be made of the same data volume at different points in time. Only data that is not stored in a previous snapshot volume or in the base data volume are stored in the most recent snapshot volume.

Abstract: A computer system with read/write access to storage devices creates a snapshot of a data volume at a point in time while continuing to accept access requests to the mirrored data volume by copying before making changes to the base data volume. Multiple snapshots may be made of the same data volume at different points in time. Only data that is not stored in a previous snapshot volume or in the base data volume are stored in the most recent snapshot volume.

Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.

Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.

Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.

Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.

Abstract: A cluster of computer system nodes connected by a storage area network transmit messages using a messaging protocol having multiple layers. The storage area network supports computer system nodes running different operating systems on different endian processors. A heartbeat signal is transmitted in a common wire format over the lowest level of the messaging protocol; however other messages between the nodes may be transmitted in a format different from the common wire format. The node receiving a message is responsible for converting the format as necessary in a layer just above the layer of the messaging protocol handling heartbeat signals. However, conversion may be performed by the sending node if the sending node knows the format used by the receiving node.

Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.

Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.

Abstract: A cluster of computer system nodes share direct read/write access to storage devices via a storage area network using a cluster filesystem. At least one trusted metadata server assigns a mandatory access control label as an extended attribute of each filesystem object regardless of whether required by a client node accessing the filesystem object. The mandatory access control label indicates the sensitivity and integrity of the filesystem object and is used by the trusted metadata server(s) to control access to the filesystem object by all client nodes.

Abstract: A cluster of computer system nodes connected by a storage area network transmit messages using a messaging protocol having multiple layers. The storage area network supports computer system nodes running different operating systems on different endian processors. A heartbeat signal is transmitted in a common wire format over the lowest level of the messaging protocol; however other messages between the nodes may be transmitted in a format different from the common wire format. The node receiving a message is responsible for converting the format as necessary in a layer just above the layer of the messaging protocol handling heartbeat signals. However, conversion may be performed by the sending node if the sending node knows the format used by the receiving node.