Abstract: A method, system and computer program product for remotely booting devices. A deployment server may remotely transmit authentication parameter(s), e.g., public key, secret key, to a service unit configured to establish a private connection between server blades and the deployment server. The service unit may remotely install the authentication parameter(s) onto the server blade(s) to be booted by either the deployment server or another boot server. By the service unit remotely installing the authentication parameter(s) onto the server blade(s), the need to manually install them during each network boot operation may be alleviated. By remotely transmitting authentication parameter(s) instead of manually installing them on the devices to be booted during each network boot operation, the deployment server may be able to generate unique authentication parameter(s), e.g., public/private key pair, secret key, for each network boot operation thereby substantially reducing the exposure to replay attacks.

Abstract: A method and system for autonomously rebuilding a failed one of a plurality of servers and a computer system utilizing the same is disclosed. In a first aspect, the method comprises providing a bus for allowing a recovery mechanism to access each of the plurality of servers and utilizing the recovery mechanism to rebuild the failed server onto another server. In a second aspect, the computer system comprises a plurality of servers, a management module for monitoring and managing the plurality of servers, a recovery mechanism coupled to the management module, and a bus coupling the recovery mechanism to each of the plurality of servers, wherein the recovery mechanism rebuilds a failed server onto another of the plurality of servers.

Abstract: Aspects for detection and correction of entrance into an improper master boot record (MBR) state in a computer system are described. The aspects include providing a proxy MBR at a predetermined location on a storage device of a computer system to provide a proxy MBR. The proxy MBR is then utilized during a restart operation. An original MBR maintained at an original location on the storage device is then utilized during a reboot operation when the utilization of the proxy MBR is unsuccessful.

Abstract: A network and method for servicing simultaneously pending boot image download requests in a multi-client, networked environment. A boot image server on the network is configured to satisfy boot image sessions initiated by one or more client systems on the network. The image server is configured to prioritize requests from different clients to minimize or reduce the network's average download time, which represents the amount of time required to boot a theoretical average client. In one embodiment, the image server is configured to minimize the average download time by prioritizing client requests according to the amount of time required to complete a each client's download such that requests from clients with short remaining download times are given higher priority and, conversely, request from clients with long remaining download times are given lower priority.

Abstract: A method and system for managing a secure configuration of a server blade on a network. The server blade has a Remote Supervisor Adapter (RSA) card, which contains a list of trusted Dynamic Host Configuration Protocol (DHCP) servers. A remote manager, which communicates with the RSA card via a hyper-secure network, maintains the list of trusted DHCP servers on the RSA card. When the server blade broadcasts a request for configuration parameters to join the network, a response offer is returned from a DHCP server. If the responding DHCP server is not on the list of trusted DHCP servers contained in the RSA card, then the offer is refused, and another DHCP server's offer is evaluated.

Abstract: A method and system for managing a secure network boot of a secondary server (server blade). The server blade sends a request, via an Ethernet switch, for a boot program to multiple Dynamic Host Configuration Protocol (DHCP) servers. One of the DHCP servers responds with an address of at least one Pre-boot Execution Environment (PXE) server that can upload a boot program to the server blade. Only if the responding DHCP server is on a list of known trusted DHCP servers will the Ethernet switch allow the server blade to receive the response from the responding DHCP server, thus allowing the download of a boot program from a PXE server.

Abstract: A method and system for managing a secure configuration of a server blade on a network. The server blade has a Remote Supervisor Adapter (RSA) card, which contains a list of trusted Dynamic Host Configuration Protocol (DHCP) servers. A remote manager, which communicates with the RSA card via a hyper-secure network, maintains the list of trusted DHCP servers on the RSA card. When the server blade broadcasts a request for configuration parameters to join the network, a response offer is returned from a DHCP server. If the responding DHCP server is not on the list of trusted DHCP servers contained in the RSA card, then the offer is refused, and another DHCP server's offer is evaluated.

Abstract: A method and system for managing a secure network boot of a server blade. The server blade is part of a server blade chassis, which holds multiple server blades that communicate with outside devices via a Pre-boot eXecution Environment (PXE) enabled network interface card. When a server blade receives a response from a PXE boot server offering a boot program download, a Remote Supervisory Adapter (RSA) card, managed by a remote manager, compares the identity of the responding PXE boot server with a list of trusted PXE boot servers. Only if the responding PXE boot server is on the list of trusted PXE boot servers will the server blade be allowed to use a boot program provided by the responding PXE boot server.

Abstract: A method and system for managing a secure network boot of a server blade. The server blade is part of a server blade chassis, which holds multiple server blades that communicate with outside devices via a Pre-boot eXecution Environment (PXE) enabled network interface card. When a server blade receives a response from a PXE boot server offering a boot program download, a Remote Supervisory Adapter (RSA) card, managed by a remote manager, compares the identity of the responding PXE boot server with a list of trusted PXE boot servers. Only if the responding PXE boot server is on the list of trusted PXE boot servers will the server blade be allowed to use a boot program provided by the responding PXE boot server.

Abstract: This invention is comprised of a data processing system containing at least one main processor connected to a system bus, a system memory connected to the system bus and accessible to each of the main processors, a tamper mechanism, and a local service processor. The tamper mechanism is configured to change state each time the system is inserted into a slot in a rack enclosure. The local service processor is connected to the tamper mechanism and configured to update an insertion log upon detecting a change in state of the tamper mechanism. The insertion log provides a count and a history of rack insertions to which the system has been subjected. The system may include a non-volatile storage element which is updated exclusively by the local service processor that contains the insertion log. The insertion log may include an insertion counter. In this embodiment, the local service processor is configured to increment the insertion counter upon each insertion.

Abstract: A method and system for load balancing switch modules in a server system and a computer system utilizing the same is disclosed. In a first aspect, the method comprises assigning each of a plurality of servers to a switch module of a plurality of switch modules, such that a number of servers assigned to each of the plurality of switch modules is substantially equal. In a second aspect, a computer system comprises a plurality of servers coupled to a plurality of switch modules, a management module, and a load balancing mechanism coupled to the management module, wherein the load balancing mechanism assigns each of the plurality of servers to a switch module of the plurality of switch modules, such that a number of servers assigned to each of the plurality of switch modules is substantially equal.

Abstract: A method and system for interlocking a plurality of servers to a server system is disclosed. In a first aspect, the method comprises assigning an identifier to each of the plurality of servers, wherein the identifier associates each of the plurality of servers to the server system, thereby defining a plurality of interlocked servers. In a second aspect, a computer system comprises a plurality of servers, a management module coupled to each of the plurality of servers, and an interlock mechanism coupled to the management module, wherein the interlock mechanism assigns to each of the plurality of servers an identifier that associates each of the plurality of servers to the server system, thereby defining a plurality of interlocked servers.

Abstract: A method and system for autonomously rebuilding a failed one of a plurality of servers and a computer system utilizing the same is disclosed. In a first aspect, the method comprises providing a bus for allowing a recovery mechanism to access each of the plurality of servers and utilizing the recovery mechanism to rebuild the failed server onto another server. In a second aspect, the computer system comprises a plurality of servers, a management module for monitoring and managing the plurality of servers, a recovery mechanism coupled to the management module, and a bus coupling the recovery mechanism to each of the plurality of servers, wherein the recovery mechanism rebuilds a failed server onto another of the plurality of servers.

Abstract: A system and method for presenting and capturing images on a presentation board are described. More particularly, embodiments of the present invention provide a projector adapted to display one or more images onto a surface and a camera adapted to capture the one or more images from the surface. Also provided is an interface electronics coupled to the projector and to the camera. The interface electronics is adapted to feed the projector with the one or more images and adapted to process the one or more images from the camera. Also a user can control the presentation system by modifying the one or more images on the surface.

Abstract: Aspects for detection and correction of entrance into an improper master boot record (MBR) state in a computer system are described. The aspects include providing a proxy MBR at a predetermined location on a storage device of a computer system to provide a proxy MBR. The proxy MBR is then utilized during a restart operation. An original MBR maintained at an original location on the storage device is then utilized during a reboot operation when the utilization of the proxy MBR is unsuccessful.

Abstract: A system in which a networked device automatically evaluates hacker attack notification information and, based thereon, selects and executes responses to the attack. The notification may include information such as the address of the infected system, identification of the specific worm, and a list of vulnerable applications and operating systems. The evaluation is based on factors including criticality and vulnerability of applications running on the system and connectivity of the device. A variety of automatic responses can be selected, including notification of network administration, shutdown of the device or services running on the device, updating and activation of anti-virus software, and selective handling of data sent from the address of the suspect network device. The selection of responses can occur automatically based on rules input during setup or by intervention of network administration.

Abstract: In a method for automatically isolating worm software and hacker attacks in a network, a computer system detects, as an attack, a probe by a worm software or a hacker from a compromised computer system in the network. The computer system then isolates the compromised computer system from the remainder of the network. Thus, the probing of the computer system itself is considered an attack. In response to an attack, the compromised computer system is isolated from the remainder of the network. In addition, no dedicated hardware or special hardware is required to implement the method. In this manner, damage to the network by worm software or compromised by a hacker is slowed or prevented by automatically isolating the compromised computer system from the network.

Abstract: A system and method for presenting and capturing images on a presentation board are described. More particularly, embodiments of the present invention provide a projector adapted to display one or more images onto a surface and a camera adapted to capture the one or more images from the surface. Also provided is an interface electronics coupled to the projector and to the camera. The interface electronics is adapted to feed the projector with the one or more images and adapted to process the one or more images from the camera. Also a user can control the presentation system by modifying the one or more images on the surface.

Abstract: A network and method for servicing simultaneously pending boot image download requests in a multi-client, networked environment. A boot image server on the network is configured to satisfy boot image sessions initiated by one or more client systems on the network. The image server is configured to prioritize requests from different clients to minimize or reduce the network's average download time, which represents the amount of time required to boot a theoretical average client. In one embodiment, the image server is configured to minimize the average download time by prioritizing client requests according to the amount of time required to complete a each client's download such that requests from clients with short remaining download times are given higher priority and, conversely, request from clients with long remaining download times are given lower priority.

Abstract: A method for a guaranteeing a network manager discovers SNMP agents on a communications network. Each SNMP agent transmits a trap to the network manager. The trap contains the network manager's IP address and the SNMP agent's identifying information, including its IP address. When the trap is received at the network manager, it is parsed for the agent identifying information, which is compared against a list of previously identified/discovered agents. If the agent identifying information is not found, i.e., if the agent is a newly discovered agent, the network manager adds the agent to the list of discovered agents. The agent is then registered/stored in the discovered agents file. When the trap does not include sufficient identifying information, the network manager sends a query to the agent to extract additional identifying information. The system manager is thus able to discover all connected agents without broadcasting a query message.