Abstract: A client computing device has a storage device storing a plurality of files and a system agent. The system agent applies a hash function to binary data read from the plurality of files to generate a set of data signatures. A server computing device has a database interface to access a database representing a state of the network and storage for a set of exemplar data signatures resulting from a scan of one or more exemplar computing devices, each data signature generated by applying a hash function to binary data representing a file. The client computing device is configured to receive and compare the set of exemplar data signatures with the generated set of data signatures, and to transmit data to the server computing device based on the comparison. The server computing device is configured to obtain data received from the client computing device and update records in the database.

Abstract: A method of monitoring an operating state of a computing device includes running a system agent on the computing device. An introduced process is executed on the computing device, and a captured parameter relating to at least one of the system agent and the introduced process is captured. The captured parameter is compared to at least one pre-determined parameter. Where the captured parameter differs from the pre-determined parameter by more than a pre-determined threshold, a signal indicative of a change in operating state of the computing device is output.

Abstract: Methods and systems are described herein to restrict execution of files stored on a computing device. In an example a request to execute a file is intercepted by a security agent on the computing device. The security agent is arranged to determine if metadata stored with the with the file comprises a cryptographic code comprising a function of at least a private key of a security server in communication with the computing device and a first hash value the first hash value being an output of a hash function applied to data associated with the file at a first time. If the security agent determines that the metadata comprises the cryptographic code, it verifies the code with a public key of the security server, obtains a second hash value of the file at a second time and executes the file if the first hash value matches the second hash value.

Abstract: The present disclosure relates to a switch for a network, and specifically the dynamic allocation of buffer memory within the switch. A communication channel is established between the switch and a network device. The switch configures and allocates a portion of memory to a receive socket buffer for the established channel. Upon receipt of a signal from the network device, the switch allocates a second portion of memory to the receive socket buffer.

Abstract: At least one of a method, a client computing device, and a server computing device for communicating data associated with a virtual machine are described. In one example, a client computing device is communicatively coupled to a network. A first set of data representative of at least a portion of a virtual machine disk image accessible on the network is determined, the first set of data comprising data arranged in a first sequence. From this first set of data, a second set of data is determined for communication to the client computing device over the network, the second set of data comprising at least a portion of the first set of data arranged in a second sequence, the second sequence being different from the first sequence.

Abstract: A central server in a network stores, or has access to, data relating to software stored on computers in subnets of the network. The central server is able to designate a computer in each subnet as a wake-up master for that subnet. The wake up master maintains an awoken state and is able to issue a wakeup signal to any computer designated by the central server in the subnet. A computer in a subnet requesting software from another computer in the subnet, but unable to find it because the other computer may not be awake, issues a request to the central server. The central server identifies a computer in the subnet likely to have the software and causes the wake-up master of the subnet to wake up the identified computer so the requesting computer can communicate with, and download, the requested software from the identified computer.

Abstract: A network comprises a data store storing for computing devices connectable to the network i) identification data, associated with the computing devices and ii) source data identifying one or more sources of program data for the devices. The network also has one or more sources of program data associated with the identification data; and a plurality of computing devices. The computing devices each include a communications program configured to communicate with the data store, provide the identification data associated with the computing device and obtain from the data store the source data, and, having obtained the source data from the data store, communicate with the identified source to obtain program data from the identified source.

Abstract: A computer in a network has an operating system. The operating system is configured to prevent running of software not identified in a list of approved software referred to as a white list. Software absent from the list is prevented from running by the operating system. The network has a server which determines, for each item of software on the white list, the administration rights of the users of computers having that item of software. If a white listed software item is present on one or more computers used by users without admin rights, then the admin rights of any user of other computers having the same white listed software item are withdrawn by instructions sent by the server to the computer.

Abstract: According to examples described herein computer devices coupled to a network can be automatically configured. Systems information is gathered from a plurality of computer devices by way of one or more of an agent and a scout. This information is standardized and stored in one or more databases. A program function is determined from the standardized information. This program function is used to identify two different sets of computer programs installed on a set of networked computer devices. This configuration is then replaced by a configuration where only a single common computer program is used to perform the program function.

Abstract: User data stored on a first computer in a network is backed up to a computer which is one of a plurality of other computers in the network. The user data may be backed-up because a new operating system is to be installed. A request message indicating that the user data needs to be backed up is transmitted from the first computer to the network and is received at the other computers. One of the other computers is selected based on data indicating the extent to which each of the replying computers complies with one or more selection criteria. The first computer then transmits the user date to the selected computer with an identifier identifying the user data. The user data is stored in storage associated with the selected computer. The first and other computers may be in the same sub-network. The selection may be made by the first computer.

Abstract: Software is installed and/or un-installed in networks. Each of a plurality of networks has a network management system storing metadata comprising at least the identities and command lines of software installed using installation systems of the management systems. On each network the network management system of the network is accessed to obtaining the metadata of items of software run on the network. That metadata is sent to a server which serves all the networks. At the server, a comparison is done to compare the metadata of instances of the same software on different networks. For those instances of the same software having the same metadata on different networks, the metadata is storing in a database. The networks use the metadata stored in the database to automatically install or un-install software.

Abstract: A computer implemented method of monitoring the performance of a computer comprises determining the value of an activity metric of the monitored computer. The contribution(s) to the said value of one or more predetermined activities is/are determined In one embodiment, the said contribution(s) are subtracted from the said total value to provide a net value representing a measure of the performance of the computer. A predetermined data set may be used to identify the one or more predetermined activities. In another embodiment, the value of at least one activity metric of the monitored computer is determined excluding contributions to that value from the said one or more predetermined activities identified from the said data set to provide a net value representing a measure of the performance of the computer. The net value may be used to control the power consumption of the computer.

Abstract: A network comprises a data store storing for computing devices connectable to the network i) identification data associated with the computing devices and ii) source data identifying one or more sources of program data for the devices. The network also has one or more sources of program data associated with the said identification data; and a plurality of computing devices. The computing devices each include a communications program configured to communicate with the data store, provide the identification data associated with the computing device and obtain from the data store the said source data, and, having obtained the said source data from the data store, communicate with the identified source to obtain program data from the identified source.

Abstract: A computer has an operating system having a kernel. The operating system is configured to prevent running of software not identified in a list of approved software referred to as a white list. The computer is linked by a communications link to a server which has a comparison program which compares the identities of software present on the computer with software identified in the list to determine what software installed on the computer is not on the white list. A risk determination program determines for each software not on the list whether the software complies with a plurality of risk criteria, and automatically adds to the list the identity of any software determined to be of low risk according to a risk calculation. The list is supplied to the computer. Software absent from the list is prevented from running by the kernel of the operating system.

Abstract: A network of computers has a network management system which stores metadata comprising at least the identities of software present on computers of the network. A computer of the network runs a monitoring program which accesses the metadata stored in the network management system to provide a measure of the extent to which one or more of a plurality of security controls are implemented in the network. The security controls are the application of Operating System patches, the application of third party software patches, allowing only applications on a list of approved software to run, and limiting administrator privileges. The measure comprises risk ratings dependent on the extents to which the controls are implemented.

Abstract: Software is installed and/or un-installed in networks. Each of a plurality of networks has a network management system storing metadata comprising at least the identities and command lines of software installed using installation systems of the management systems. On each network the network management system of the network is accessed to obtaining the metadata of items of software run on the network. That metadata is sent to a server which serves all the networks. At the server, a comparison is done to compare the metadata of instances of the same software on different networks. For those instances of the same software having the same metadata on different networks, the metadata is storing in a database. The networks use the metadata stored in the database to automatically install or un-install software.

Abstract: A target machine in a sub-network requires network booting. The target machine broadcasts messages in the sub-network indicating that the target machine needs booting, and which are detected by other machines in the sub-network which are capable of booting the target machine. The other machines respond to the messages by electing one of them as a master boot control for the target machine. The elected machine controls booting of the target machine.

Abstract: A computer implemented method to monitor the distribution of software to computers on a network is provided. The network has a data source, for example a systems management tool, which stores data relating to downloads of software. It is desirable for the purpose of operating the network economically to monitor the distribution of software to users. The systems management tool is accessed to determine the number of the computers on the network which have received a particular item of software. That number is compared with a threshold number which is small compared to the number of computers on the network. If the number is less than the threshold that is taken as an indication that the particular item of software has been distributed to the computers by a download as a result of one or more individual requests by users of the computers.

Abstract: User data stored on a first computer in a network is backed up to a computer which is one of a plurality of other computers in the network. The user data may be backed-up because a new operating system is to be installed. A request message indicating that the user data needs to be backed up is transmitted from the first computer to the network and is received at the other computers. One of the other computers is selected based on data indicating the extent to which each of the replying computers complies with one or more selection criteria. The first computer then transmits the user date to the selected computer with an identifier identifying the user data. The user data is stored in storage associated with the selected computer. The first and other computers may be in the same sub-network. The selection may be made by the first computer.

Abstract: A network comprises a plurality of computers including a first computer and a target computer. It also has a source of a plurality of policies, and an arrangement which installs policies on the computers of the network. The first computer has program code for accessing the source and for selecting one of the policies. The source responds to the selection to provide the selected policy to the installing arrangement. The installing arrangement has program code for automatically installing the selected policy on the target computer.