Abstract: Various methods and systems for using email to convey backup and restore data are disclosed. One method involves: receiving a request to perform a backup system operation; generating an email that includes data and metadata (which is associated with the data); and sending the email to an email address associated with a backup system component. The request can be a backup request, in which case the data includes data to be backed up, and the backup system component is a backup server. Alternatively, the request can be a restore request. In this scenario, the data includes data to be restored, and the backup system component is a backup client.
Type:
Grant
Filed:
January 17, 2006
Date of Patent:
November 15, 2011
Assignee:
Symantec Operating Corporation
Inventors:
Ajit Vishnu Dhumale, Mukul Kumar, John Richard Swift, Atul Avinash Nene, Anand Gopinath Das
Abstract: A system and method for efficiently accessing replicas of a storage object. A first node may perform a find operation to determine a plurality of nodes that each store a replica of a first storage object. For each node in the plurality of nodes, the first node may establish a direct connection to the node. The first node may then access the replicas of the first storage object using the respective direct connections to the plurality of nodes. In one embodiment, the nodes may be nodes in a peer-to-peer network. Establishing a direct connection to each storage object replica may enable the first node to communicate with each node in a single hop without having to pass messages via intermediate nodes in the peer-to-peer network.
Type:
Grant
Filed:
November 7, 2003
Date of Patent:
November 15, 2011
Assignee:
Symantec Operating Corporation
Inventors:
Thomas E. Saulpaugh, Gregory L. Slaughter, Ruchir Tewari
Abstract: A method and apparatus for providing dynamic multi-pathing for an asymmetrical logical unit access (ALUA) based storage system. The method comprises identifying a first processor within a storage system as providing an optimized path to a disk array, identifying a second processor within a storage system as providing an unoptimized path to the disk array and, in response to failure of the optimized path, immediately switching from the optimized path to the unoptimized path.
Abstract: A computer-implemented method for normalizing data-loss-prevention categorization information, at least a portion of the method being performed by a computing system comprising at least one processor, may identify a data object at a first time. The method may apply a first version of a set of data-loss-prevention rules to the data object to determine a set of categorizations of the data object. The method may distinguish a set of content-based categorizations in the set of categorizations from a set of context-based categorizations in the set of categorizations. The method may apply, based on the set of categorizations, a first data-loss-prevention policy to the data object. The method may identify the data object at a second time, and apply, based on the set of content-based categorizations, a second data-loss-prevention policy to the data object. Various other methods, systems, and computer-readable media are also disclosed.
Type:
Grant
Filed:
March 31, 2009
Date of Patent:
November 15, 2011
Assignee:
Symantec Corporation
Inventors:
Bruce Wootton, Richard Dandliker, Aleksey Tsibulya, Oskar Bruening, Dirk Kessler
Abstract: A computer-implemented method for evaluating the startup performance of a remote computing system may comprise: 1) commanding the remote computing system to power on using an out-of-band remote-management protocol, 2) determining when the remote computing system becomes responsive to an in-band remote-management protocol, and then 3) calculating the amount of time that elapsed between when the remote computing system was commanded to power on and when the remote computing system became responsive to the in-band protocol. Similarly, a method for evaluating the shutdown performance of a remote computing system may comprise: 1) commanding the remote computing system to shut down using an in-band remote-management protocol, 2) determining when the remote computing system has powered off using an out-of-band remote-management protocol, and then 3) calculating the amount of time that elapsed between when the remote computing system was commanded to shut down and when the remote computing system powered off.
Abstract: Techniques for host-to-host transfer of media and the use of persistent reservation to protect media during host-to-host transfer are disclosed. Exemplary embodiments may be realized as methods and systems for transferring a sequential media loaded in a drive from a first host to a second host without physically unloading the media. The first host may have a persistent reservation or non-persistent reservation of the drive. Likewise, the second host may have a persistent reservation or non-persistent reservation of the drive. Logical unload, logical load and preemption commands are utilized, as is error recovery from a failed reservation.
Abstract: A method of intelligently copying recovery points from a primary storage device to a secondary storage device is presented. The decision on how to copy the recovery points depends upon the backup copy policy as well as the availability of previous backups on the secondary storage device.
Abstract: Embodiments of a mechanism for creating and configuring virtual fabrics in Storage Area Networks (SANs). Embodiments may provide a vendor-neutral mechanism for creating and configuring virtual fabrics in physical SAN fabrics that may include heterogeneous switches. Each virtual fabric may include its own name service, management service, fabric configuration service, zoning service, and/or other fabric services. A vendor-neutral virtual fabric utility may be provided for creating and managing virtual fabrics. In one embodiment, switch ports, switch slots and/or switches may be selected and added to new or existing virtual fabrics using the virtual fabric utility. In one embodiment, SAN components coupled to fabric switches (e.g. hosts, HBAs, HBA ports, storage devices and storage device ports) may be displayed for selection and assignment to the virtual fabric. Switch ports coupled to selected SAN components may be automatically determined by the virtual fabric utility and added to the virtual fabric.
Abstract: A computer-implemented method for controlling initialization of a fingerprint cache for data deduplication associated with a single-instance-storage computing subsystem may comprise: 1) detecting a request to store a data selection to the single-instance-storage computing subsystem, 2) leveraging a client-side fingerprint cache associated with a previous storage of the data selection to the single-instance-storage computing subsystem to initialize a new client-side fingerprint cache, and 3) utilizing the new client-side fingerprint cache for data deduplication associated with the request to store the data selection to the single-instance-storage computing subsystem. Other exemplary methods of controlling initialization of a fingerprint cache for data deduplication, as well as corresponding exemplary systems and computer-readable-storage media, are also disclosed.
Abstract: A mechanism to selectively restore portions of a monolithically backed up database, while maintaining security relationships associated with the restored portions of the database is provided. Embodiments of the present invention provide a method, system and computer-readable storage medium for receiving a request to restore a selected object from among a plurality of backed up objects in a database backup, accessing security-related information associated with the selected object in the database backup, restoring the selected object using the information associated with the selected object in a target area, and associating elements of the security-related information with the restored selected object.
Type:
Grant
Filed:
September 30, 2008
Date of Patent:
November 15, 2011
Assignee:
Symantec Operating Corporation
Inventors:
Louis Beatty, Steven R. DeVos, Deepak Saraf
Abstract: A computer-implemented method for managing sub-clusters within a multi-cluster computing system subsequent to a network-partition event may include: 1) identifying a plurality of computer clusters, 2) identifying a network-partition event that partitions each of the plurality of computer clusters into multiple sub-clusters, 3) identifying, within the multiple sub-clusters, a plurality of nodes that share a common attribute or property, and then 4) ensuring that only those nodes that share the common attribute survive subsequent to the network-partition event. Various other methods, systems, and computer-readable media are also disclosed.
Abstract: A web site can be authenticated by a third party authentication service. A user designates an authentication device that is a shared secret between the user and the authentication service. A web site page includes a URL that points to the authentication service. The URL includes a digital signature by the web site. When the user receives the page, the user's browser issues a request to the authentication service, which attempts to authenticate the digital signature. If the authentication is successful, it sends the authentication device to the user computer.
Type:
Grant
Filed:
November 6, 2006
Date of Patent:
November 15, 2011
Assignee:
Symantec Corporation
Inventors:
Siddharth Bajaj, Roxana Alina Bradescu, Jeffrey Burstein, David M'Raihi, Nicolas Popp
Abstract: A computer-implemented method for transparently restoring data using streaming may comprise identifying an attempt to access backed-up data that is not present on a computing device, transmitting a request to a server to restore the backed-up data, receiving the backed-up data from the server via streaming, and restoring the backed-up data to the computing device. A corresponding method for streaming backed-up data to a target computing device is also disclosed. In addition, corresponding systems and computer-readable media are also disclosed.
Abstract: Techniques are disclosed for protecting a computer environment. The technique comprises providing an index; comparing a first event with the index; determining whether the first event is unusual; and determining whether a security incident associated with the first event has occurred.
Abstract: System and method for providing immutable data containers in tiered storage hierarchies. Embodiments may allow fulfillment of regulatory requirements for retaining certain data through management of a user-defined policy. The policy may specify what data in the file system needs to be stored as immutable data to the immutable data container in the file system. File system data may be tracked, and data specified by the policy may be transparently and automatically stored to the immutable data container within the file system. Updates to the data specified by the policy may also be stored to the immutable data container. This may be performed without overwriting or modifying the earlier version(s) of the data stored to the immutable data container, and thus every version of the data specified by the policy may be stored to and, if necessary, reconstructed from the immutable data container.
Abstract: A disk operation protection method and a disk controller are disclosed herein. The method includes: receiving a request for a disk operation; obtaining, by a disk controller, operation control parameters corresponding to the current disk area to be operated, and determining whether to allow operation of the current disk area according to the operation control parameters; if determining that the current disk area is allowed to be operated according to the operation control parameters, performing the disk operation. By implementing the embodiments of the present disclosure, the operation of the data stored in a disk is protected, illegal disk operations such as maliciously intended modification are prevented, the disk is protected in the process of generating data, and the defects of the disk protection mechanism in the prior art are overcome.
Abstract: A method and apparatus for providing single instance restoration of data files is provided. In one embodiment, a method for using a signature database to provide a single instance data restoration solution includes processing a restore request for a data file, wherein the data file is associated with a signature and examining a signature database using the signature to identify at least one locally available data file having at least one signature that matches the signature associated with the data file.
Abstract: A behavioral signature for detecting malware is generated. A computer is used to collect behavior traces of malware in a malware dataset. The behavior traces describe sequential behaviors performed by the malware. The behavior traces are normalized to produce malware behavior sequences. Similar malware behavior sequences are clustered together. The malware behavior sequences in a cluster describe behaviors of a malware family. The cluster is analyzed to identify a behavior subsequence common to the cluster's malware family. A behavior signature for the malware family is generated using the behavior subsequence. A trace of new malware is normalized and aligned with an existing cluster, if possible. The behavioral signature for that cluster is generated based on the behavior sequence of the new malware and the other sequences in the cluster.
Abstract: In response to an instruction to dismount a storage volume, for example, an object in the storage volume is identified and a handle that references the object is closed. Once an exclusive lock on the storage volume is acquired, the storage volume can be dismounted. The storage volume can then be remounted.
Abstract: A secure browsing manager intercepts load calls, and determines whether intercepted load calls are attempting to load code into the browser. When the secure browsing manager detects that a load call is attempting to load code into the browser, it determines whether that code is trusted. The secure browsing manager processes the attempt to load the code into the browser according to whether or not the code is trusted. If the secure browsing manager determines that the code is trusted, it allows the code to be loaded into the browser, thereby securely allowing the benefits of loaded code. If the secure browsing manager determines that the code is not trusted, it blocks the attempt to load the code into the browser, or alternatively takes other actions, such as allowing the code to be loaded into the browser, but blocking certain user initiated activity.
Type:
Grant
Filed:
November 7, 2005
Date of Patent:
November 1, 2011
Assignee:
Symantec Corporation
Inventors:
Archana S. Rajan, Edward Bonver, Mark Kennedy