Abstract: A system, method, and computer-accessible medium are disclosed for maintaining data at a plurality of summary levels in a single table. Data may be summarized into a plurality of summary levels. Each of the summary levels may comprise summarized data over a respective one of a plurality of intervals of time. The plurality of summary levels may vary in granularity of the summarized data. The summarized data in the plurality of summary levels may be stored in a single table in a database.

Abstract: A system and method for logging for asynchronously replicating volume groups. A write request to write data to a location in a volume may be received. Metadata associated with the write request may be stored. It may be determined if the write request possibly overlaps with one or more earlier write requests to the volume that have not yet been replicated to a secondary storage. The data may be stored in a replication log only if the write request possibly overlaps with one or more earlier write requests to the volume. The data may not be stored in the replication log if the write request does not overlap with one or more earlier write requests to the volume. The data may be written to the location in the volume. Changes to the volume may periodically be replicated to the secondary storage using the replication log.

Abstract: A system and method for visually depicting component states in a computing system. A graphical analysis tool includes a graphical user interface for use in viewing the history of a selected component. A user selects a system component for viewing and then using a timeline “drags” the state of the selected component to various points on the timeline in order to view states of the component at the selected point in time. States of the selected component may also be played forward or backward in a continuous manner. Logging agents in the system are configured to log data corresponding to detected events and forward the log data to a central repository. The analysis tool may access the data in the repository for use in creating visual displays. Point-in-time snapshots of a component may also be stored in the central repository and used to reproduce the history.

Abstract: A system and method for managing data transfers between client computers and a computer network. Each client comprises a data transfer controller and at least two data transfer rules. The data transfer controller associates each of at least two connection states with one of the data transfer rules. The data transfer controller also detects a connection state of a client device, applies a first data transfer rule to the client device in response to detecting a first connection state, and applies a second data transfer rule to the client device in response to detecting a second connection state. In a further embodiment, the data transfer controller associates a data transfer policy with attributes of a connection between the client device and the computer network, wherein a connection state comprises a set of values of the attributes of the connection.

Abstract: A method and apparatus for monitoring conversations to control telecommunications is provided. In one embodiment, a method for identifying undesirable data within voice communications to control telecommunications, comprising processing voice communications between at least two entities and analyzing the voice communications to determine indicia of undesirable data.

Abstract: A method and system for taking over devices are provided. In a solution, a first control board first performs topology discovery on a Peripheral Component Interconnect Express (PCIE) bus, and reserves resources for a Switch (SW) where a NON-Transparent (NT) bridge is located and devices connected to down ports of the SW according to a set resource reservation policy when the topology discovery proceeds to the NT bridge, where the SW and the devices are currently controlled by a second control board. After the SW and the devices are taken over from the second control board, the resource reserved in advance may be allocated to the SW and the devices, so that the devices that are taken over operate normally under control of the first control board. Dual control is implemented through direct taking over devices, and a response speed for processing a device request is improved.

Abstract: A system and method for controlling a backup operation to backup data from a source device to a backup storage device are described. Backup software creates checkpoints during the backup operation. Each checkpoint represents a point from which the backup operation can be re-started in case of failure. The backup software enables an administrator to specify a desired time interval between the checkpoints. The backup operation is performed using a backup protocol which uses a transfer frame size to determine when to create each checkpoint. The backup software translates the checkpoint time interval specified by the administrator into an appropriate transfer frame size in order to achieve the desired checkpoint time interval. The transfer frame size may be dynamically adjusted between each checkpoint.

Abstract: Known legitimate applications are analyzed to establish a list of trusted user-agent strings used by the applications to download content from a network. Traffic interception modules connected to the network examine traffic exchanged between clients and servers on the network, recognize traffic associated with downloads of content from the network, and create content download descriptions describing the downloads. The content download descriptions are analyzed to identify content downloads using the trusted user-agent strings. Identifiers of the content downloaded using the trusted user-agent strings are added to a white list of legitimate content. Access to the white list is provided to clients and the clients use the white list to identify legitimate content.

Abstract: The present invention discloses a method for network attack protection, a device, and a system thereof. The method includes: receiving information about attack source, in which the information about the attack source carries address information about an attacker; obtaining address information about a gateway corresponding to the attacker according to the address information about the attacker and a preset mapping relationship between the attacker and the gateway corresponding to the attacker; and sending a first control message to the gateway corresponding to the attacker according to the address information about the gateway corresponding to the attacker, wherein the first control message instructs the gateway corresponding to the attacker to control traffic of the attacker. The present invention may be used on a communications network to prevent the attacker from attacking victim hosts on the network from the root, avoid blockage on the upstream network of the victim hosts.

Abstract: A file system is disclosed that includes an application wide name space instantiated in a global index (Gindex) that is used for accessing objects related to an application. Using the Gindex, a method for cache coherency includes establishing one or more appliances, each defining a storage cluster; establishing one or more tenants spanning across appliances, wherein an application stores objects in file systems associated with the appliances and tenants; establishing a Gindex including metadata relating to objects stored in association with the application; replicating the Gindex to plurality of data centers supporting the tenants; storing an original object at a first data center; storing a cached copy of the object at a second data center; aligning the cached copy using metadata for the object from a local copy of the Gindex.

Abstract: A file system is disclosed that includes an application wide name space instantiated in a global index (Gindex) that is used for accessing objects related to an application. Summary workload statistics are monitored and calculated via a calibrated hierarchical service level agreement (SLA) in a method of operation that includes: establishing a tenant wide name space used for accessing objects of an application stored in physical file systems across one or more appliances, each defining a storage cluster, in association with a tenant logically spanning across the appliances; and monitoring a performance statistic for the application across the tenant.

Abstract: A file system is disclosed that includes an application wide name space used for accessing objects related to an application. The file system includes one or more appliances. Each of the appliances logically define a storage cluster, for instance, a cluster file system. The file system also includes a tenant that logically spans across the one or more appliances. The file system also includes one or more physical file systems arranged within each of the one or more appliances. Further, one or more bucket sets define one or more corresponding physical file systems of a corresponding appliance for the tenant. The system also includes an application wide object name space that is used for accessing objects of an application, wherein the objects are stored in the physical file systems by bucket set across the one or more appliances in association with the tenant.

Abstract: An exemplary method for using USB device descriptors to uniquely identify computing environments may include: 1) detecting a set of USB devices connected to a computing device within a computing environment, 2) obtaining a USB device descriptor for each USB device within the set of USB devices, and then 3) creating an environmental signature for the computing environment that identifies the computing environment based at least in part on the USB device descriptors. Exemplary methods for using such environmental signatures to uniquely identify computing environments are also disclosed.

Abstract: A method includes determining whether new phishing site identifiers (URLs and/or IP addresses) have been created. Upon a determination that the new phishing site identifiers have been created, the new phishing site identifiers are compared to site identifiers of sites to which critical values have been provided in the past. Upon a determination that at least one of the new phishing site identifiers matches at least one of the site identifiers, a phishing notification is provided that the user was successfully phished in the past.

Abstract: A method for enforcing parental-control policies on user-generated content may include identifying a web document with user-generated content and identifying a set of links in the web document that relate to the user-generated content in the web document. The method may also include identifying a target web document for each link in the set of links and determining a parental-control rating for each link in the set of links based on the target web document. The method may further include generating a composite rating of the web document based on the parental-control rating of each link in the set of links. Various other methods, systems, and computer-readable-storage media are also disclosed.

Abstract: A computer-implemented method for using guardian proximity to control computing activities of children. The method may include determining that a child is attempting to access a computing system and determining whether a guardian of the child is in proximity of the computing system. The method may also include limiting the child's access to one or more resources of the computing system if the guardian of the child is not in proximity of the computing system and permitting the child to access the one or more resources of the computing system if the guardian of the child is in proximity of the computing system.

Abstract: A computer-implemented method for using property tables to perform non-iterative malware scans may include (1) obtaining at least one malware signature from a security software provider that identifies at least one property value for an item of malware, (2) accessing a property table for a computing device that identifies property values shared by one or more application packages installed on the computing device and, for each property value, each application package that shares the property value in question, and (3) determining, by comparing each property value identified in the malware signature with the property table, whether any of the application packages match the malware signature without having to iterate through the individual property values of each application package. Various other methods, systems, and computer-readable media are also disclosed.

Abstract: The present invention includes a method and system for scanning network devices connected to a network by detecting connection of a first network device to the network and performing remote scanning of the first network device in response to detection of the first network device.

Abstract: A computer-implemented system and method for providing secure remote document access is provided. An index is created for the documents in a local document store. The resulting index is provided to a remote search server that operates independently of the local document store. Each document in the document store is also encrypted and provided to a remote document server that operates independently of the local document store. The encrypted documents can be located using the index on the remote search server and can be retrieved from the remote document server using an identifier obtained from the remote search server.

Abstract: A computer-implemented method for handling client-server communications. The method may include 1) receiving, at a client system, a first command whose execution involves sending a first request to a server from a first transitory process associated with the first command; 2) initializing, on the client system, a communication proxy configured to relay communications between the server and transitory processes on the client system; 3) establishing a connection between the communication proxy and the server; 4) authenticating the communication proxy with the server; 5) establishing an inter-process communication channel configured to enable communication between the communication proxy and the transitory processes; 6) sending the first request from the first transitory process to the communication proxy over the inter-process communication channel; and 7) relaying the first request to the server via the connection between the communication proxy and the server.