Abstract: A network authentication method, a method for a client to request authentication, a client, and a device are provided.

Abstract: Computer implemented methods, apparatus, and computer-readable media for detecting suspected spam in e-mail (24) originating from a sending computer (21). A method embodiment comprises the steps of determining (11) the actual IP address (23) of the sending computer (21); converting (12) the actual IP address (23) into geo-location data; and, using the geo-location data, ascertaining (13) whether the e-mail (24) contains suspected spam.

Abstract: The file context of a target file to be scanned is determined and the scan level for the file context is determined. Generally, the security risk for each file context is assessed, and the scan level appropriate for the security risk is associated with the file context. The target file is scanned at the scan level. Accordingly, a target file having a file context indicating that the file is a high security risk is scanned at a high scan level, i.e., is subject to a maximum-security scan. In this manner, high-level security is maintained. Conversely, a target file having a file context indicating that the file is a low security risk is scanned at a low scan level, i.e., is subject to a minimum-security scan or no scan at all. In this manner, high security is maintained while at the same time maximum performance is achieved.

Abstract: A method, system, computer system, and computer-readable medium for maintaining up-to-date, consistent copies of primary data without the need to replicate modified data when the data were modified as a result of an operation that is not an application-driven write operation captured during replication. Selected storage management operations are performed on the primary and secondary data stores at points in time when the data are the same to ensure that the data stored within the data stores remain consistent. These selected storage management operations include operations that produce modified data stored in the primary data store, where a portion of the modified data are not replicated to a secondary node. Other types of storage management operations are selected to be performed on both the primary and secondary data stores, where the operations do not directly change data in the primary data store, but may affect data stored in the primary data store.

Abstract: A method involves generating a business rule; the business rule indicates whether a file should be included in a backup operation. Data is accumulated in a file history database, and the data represents one or more associations of the file. A result is determined, indicating whether the business rule indicates the file should be included in the backup operation. The result is based, at least in part, on the data in the file history database. The result is reported.

Abstract: A computer system that implements a method for creating a virtual snapshot of a first storage object. A first storage object such as a data volume is created, wherein creating the first storage object includes creating a first storage object description. This first storage object description relates the first storage object to underlying first storage objects or first physical memory regions. After creating the first storage object, a virtual copy of the first storage object is created as a second storage object. Creating the second storage object includes creating a second storage object description, wherein the second storage object description relates the second storage object to the first storage object. The first storage object is transmitted to a first computer system, and the second storage object description is transmitted to a second computer system.

Abstract: A reputation server is coupled to multiple clients via a network. A security module at a client identifies an application and determines whether it is on a white list. If the application is not on the white list, the security module monitors the application using a strict set of signatures. If the application is on the white list, the security module monitors the application using a relaxed set of signatures. The relaxed set of signatures can exclude legitimate characteristics possessed by the application as specified by the white list. The security module evaluates whether the application is malicious based at least in part on whether it possesses suspicious characteristics described by the signatures. The reputation server receives reports from clients identifying applications and describing characteristics possessed by the applications and uses the reports to generate the white list.

Abstract: Contextual data is gathered about a user's known location and/or about a user's expected location and generates contextual indicators based on at least a portion of the gathered contextual data. The contextual indicators are provided to one or more relying parties, such as an anti-fraud system to allow the anti-fraud system to more effectively determine the validity of transactions associated with the user, such as credit card transactions associated with the user's credit card.

Abstract: A method of configuring a processing system to perform application setting activity using a removable storage device in data communication with the processing system includes a) selecting an application, where setting activity associated with the selected application is to be performed using the removable storage device, b) installing, in the processing system, an interception module to intercept application setting activity associated with the selected application; and c) in response to the interception module intercepting application setting activity associated with the selected application, performing the application setting activity using the removable storage device, thereby storing application setting data associated with the selected application in the removable storage device.

Abstract: A method, system, and computer-readable medium to maintain consistent, up-to-date copies of primary data. Primary data is maintained on a primary node, and point-in-time snapshots of the primary data are maintained on a secondary or remote node. Read operations can be directed to read some or all data from the remote node. When part of the data on the primary node becomes unavailable due to corruption, device failure, or communication failure, unavailable data can be read from the secondary node. When the determination is made that an unavailable portion of the data exists, a third data storage accessible by the first host can be created. Each subsequent change to the data in the first data storage can be written only to the third data storage. If an updated portion of the data is to be read, the updated portion can be read from the third data storage.

Abstract: A method and apparatus to reconfigure parameters for establishing a link with a new host after a computer is moved to a new location or a new network.

Abstract: Techniques for file system resource restoration are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for file system resource restoration comprising modeling source configuration information of one or more file system resources associated with a first storage management system, modeling target configuration information of one or more file system resources associated with a second storage management system, mapping one or more portions of the source configuration information to the target configuration information, generating computer executable restoration instructions based at least in part on the mapping; and executing the computer executable restoration instructions to restore one or more file system resources of the source configuration information to a target computing platform identified by the target configuration information.

Abstract: Method and apparatus for detecting web-based electronic mail in network traffic is described. In some examples, web pages are extracted from the network traffic. Fields in each page of a group of the web pages that share a documents structure are identified. A statistical analysis of the fields of each page in the group of web pages is performed to identify any electronic mail (e-mail) fields. The group of web pages is indicated to include web-based e-mail messages if the fields of each page in the group of web pages include at least one e-mail field.

Abstract: A computer includes a virtual machine controlled by a hypervisor. The virtual machine runs a virtualized operating system with running processes. A security initialization module sets the state in the virtual machine to pass execution from the virtual machine to the hypervisor responsive to a process making a system call in the virtualized operating system. Responsive to execution being passed from the virtual machine to the hypervisor, a security module analyzes the process making the system call to determine whether it poses a security threat. If a security threat is found, the security module takes remedial action to address the threat.

Abstract: A method and apparatus for defining the scope of a search is described. In one embodiment, user input is received, and the scope is defined, based on the user input, for a search of free-form text for information from any random rows within a tabular structure of source data. In one embodiment, the search is intended for finding, in the free-form text, a sub-set of data fragments that matches information from any single row within the tabular structure of the source data.

Abstract: A method and apparatus for scanning structured data from a data repository having an arbitrary data schema and for applying a policy to the data of the data repository are described. In one embodiment, the structured data is converted to unstructured text data to allow a schema-independent policy to be applied to the text data in order to detect a policy violation in the data repository regardless of the data schema used by the data repository.

Abstract: A method and apparatus for automatically correlating policy violation incidents. In one embodiment, the method includes receiving user input identifying one of policy violation incidents stored in a data repository, where each policy violation incident is associated with one or more attributes. The method further includes automatically correlating the identified policy violation incident with other policy violation incidents that have in common at least one attribute with the identified policy violation incident, and presenting the resulting correlation information to a user.

Abstract: A method, apparatus, and computer program product for setting and implementing a policy to compress the history of data on a temporal volume is described.

Abstract: Techniques for continuous data protection are disclosed. In one particular exemplary embodiment, the techniques may be realized as a method for reducing data protection system outages comprising polling a data protection client device, receiving a response from the data protection client device, parsing the response to determine whether restarting a data protection process is required, and restarting a data protection process on the data protection client device, if restarting the data protection process is required.

Abstract: A method and system of providing replica files within a fileset is disclosed. According to one embodiment, a method is provided which comprises associating a source file and a replica file of the source file within a fileset, wherein the replica file of the source file comprises a virtual copy of the source file. In another embodiment wherein the source file comprises a metadata file system object and the replica file of the source file comprises a replica metadata file system object, the associating comprises generating a reference within the replica metadata file system object to the metadata file system object.