Patents Assigned to Symantec
-
Patent number: 7739738Abstract: A robust and reliable mechanism is disclosed for detecting whether a system has (or may have) been booted into a compromised or otherwise unprotected environment, so that a persisted clean file cache can be used across boots when appropriate. As such security scanning of files. A clean file cache can be maintained and used by a security application to avoid unnecessarily re-scanning a file that has not been modified since last being scanned and determined clean. Unnecessary scans are therefore avoided.Type: GrantFiled: March 15, 2006Date of Patent: June 15, 2010Assignee: Symantec CorporationInventors: William E. Sobel, Bruce E. McCorkendale
-
Patent number: 7739541Abstract: Systems, methods, apparatus and software can configure, support, and make use of a coordinator virtual device to determine which node or nodes of a cluster should be ejected from the cluster as a result of a cluster partition or other error event. Fencing software operating on the cluster nodes monitors the cluster for a cluster partition (split-brain) event, and when such an event occurs, software on the nodes attempts to gain control of the coordinator virtual device. A node that succeeds in gaining control of the coordinator virtual device survives. Nodes failing to gain control of the coordinator virtual device remove themselves or are removed from the cluster. The coordinator virtual device can be established by a virtual device configuration server which provides coordinator virtual device access to cluster nodes acting as virtual device configuration clients.Type: GrantFiled: July 25, 2003Date of Patent: June 15, 2010Assignee: Symantec Operating CorporationInventors: Santosh S. Rao, Gopal Sharma, Poonam P. Dhavale
-
Patent number: 7739689Abstract: Methods and systems are provided for internal monitoring of applications. A distributed management framework may comprise a plurality of applications and application servers, wherein each of the applications is configured to make function calls to standard programming functions. The function calls to the standard programming functions are intercepted. The function calls are routed to alternative implementations of the standard programming functions, and the alternative implementations are used to collect availability metrics for the plurality of applications. Manager threads may be used for internal monitoring of application execution. Applications may be modified with additional instructions to monitor program execution and automatically generate output comprising an execution history.Type: GrantFiled: February 27, 2004Date of Patent: June 15, 2010Assignee: Symantec Operating CorporationInventors: Michael P. Spertus, Christopher D. Metcalf, Richard Schooler, David A. Stuckmann
-
Patent number: 7739245Abstract: A method, system, application programming interface, computer system and computer program product to provide locks for controlling access to data by nodes in a multi-node system while minimizing the number of messages sent between nodes. Locks can be grouped into blocks of locks, and exclusive access to data protected by locks in a block of locks can be granted together to a block agent for a particular node. The block agent handles requests for access to the data on behalf of clients running on the respective node. The block agent sends a message to a block master running on another node only when a request is made for access to data to which the block agent has not already obtained access. Access can be granted to a block agent for an entire block or for a portion of a block of locks.Type: GrantFiled: September 30, 2002Date of Patent: June 15, 2010Assignee: Symantec Operating CorporationInventors: Anurag Agarwal, Harold B. Prince, Jr.
-
Patent number: 7739464Abstract: A system or method for creating a point-in-time (PIT) or backup copy of one or more data volumes using a roll-back log. The backup copy can be created without employing hot backup mode. In one embodiment, the method includes copying data blocks of a volume to a backup memory configured to store a backup copy of the volume, wherein the data blocks are sequentially copied until all of the data blocks of the volume are copied to the backup memory. A first request is generated to overwrite existing data of a first data block of the volume with new data before all of the data blocks of the volume are copied to the backup memory. Before overwriting the existing data and before all of the data blocks of the volume are copied to the backup memory, the existing data is copied to a first memory (e.g., the roll-back log). Before all of the data blocks of the volume are copied to the backup memory, the existing data is overwritten with the new data.Type: GrantFiled: June 30, 2004Date of Patent: June 15, 2010Assignee: Symantec Operating CorporationInventors: Timothy R. Coulter, Raghu Krishnamurthy, Par A. Botes
-
Patent number: 7739278Abstract: A non-application specific file attribute manager (101) receives (201) a plurality of files (103) in a plurality of formats. The file attribute manager (101) scans (203) the plurality of received files (103), and gleans (205) attributes concerning each of the plurality of scanned files (103). The file attribute manager (101) stores (207) gleaned attributes concerning each of the scanned files (103) as records (105) in a database (107). The file attribute manager (101) indexes (209) the records (105) according to the contents of their associated files (103).Type: GrantFiled: August 22, 2003Date of Patent: June 15, 2010Assignee: Symantec CorporationInventor: William E. Sobel
-
Patent number: 7739677Abstract: A system and to prevent data corruption due to split brain in shared data clusters includes two or more nodes of a cluster, a shared storage device, and an update manager. The update manager may be configured to maintain a local persistent store corresponding to each node of the cluster. On receiving an update request directed to the shared storage device from a first node, the update manager may be configured to redirect the update to the local persistent store corresponding to the first node. The update manager may be further configured to verify a cluster membership status of the first node, and to transfer the contents of the update from the local persistent store to the shared storage device if the cluster membership verification succeeds.Type: GrantFiled: May 27, 2005Date of Patent: June 15, 2010Assignee: Symantec Operating CorporationInventors: Anand A. Kekre, Oleg Kiselev, Robert Baird
-
Patent number: 7739740Abstract: A polymorphic threat manager monitors an incoming email stream, and identifies incoming email messages to which executable files are attached. The polymorphic threat manager characterizes incoming executable files according to at least one metric. For example, the polymorphic threat manager can decompose an executable file into fragments, hash some or all of these, and use the hashes as characterization metrics. The polymorphic threat manager subsequently de-obfuscates executable files, and creates corresponding characterization metrics for the de-obfuscated images. The characterizations of executable files before and after de-obfuscation are compared, and if they differ sufficiently, the polymorphic threat manager determines that the file in question is polymorphic. The characterization metrics of such an executable file after de-obfuscation can be used as a signature for that file.Type: GrantFiled: September 22, 2005Date of Patent: June 15, 2010Assignee: Symantec CorporationInventors: Carey Nachenberg, Jeffrey Wilhelm
-
Patent number: 7739337Abstract: A method and system for grouping spam email messages are described. In one embodiment, the method includes receiving probe email messages indicative of spam and modifying the probe email messages to reduce noise. The method further includes comparing the probe email messages using fuzzy logic to identify similar email messages, and creating groups of similar email messages. Each of the created groups pertains to a distinct spam attack.Type: GrantFiled: June 20, 2005Date of Patent: June 15, 2010Assignee: Symantec CorporationInventor: Sanford Jensen
-
Publication number: 20100146122Abstract: A method, system, computer-readable storage medium and apparatus for balanced and consistent placement of resource management responsibilities within a multi-computer environment, such as a cluster, that are both scalable and make efficient use of cluster resources are provided. Embodiments reduce the time that a cluster is unavailable due to redistribution of resource management responsibilities by reducing the amount of redistribution of those responsibilities among the surviving cluster members. Embodiments further provide redistribution of resource management responsibilities based upon relative capabilities of the remaining cluster nodes.Type: ApplicationFiled: March 30, 2009Publication date: June 10, 2010Applicant: Symantec CorporationInventors: Harold B. Prince, JR., Balemurughan Kumaresan, Kai Chiu Wong
-
Patent number: 7734820Abstract: A system and method for adaptively responding to update messages for a replica of a data object. A node may maintain first information regarding a replica of a data object. In various embodiments, the first information may comprise any kind of information regarding the replica of the data object. In one embodiment, the first information may comprise information indicative of accesses to the replica of the data object, e.g., may comprise access history information. In response to receiving a message for updating the replica of the data object, the node may respond to the message based on the first information. For example, the node may select one or more operations to perform based on the first information and may perform the one or more selected operations.Type: GrantFiled: December 31, 2003Date of Patent: June 8, 2010Assignee: Symantec Operating CorporationInventors: Dilip Madhusudan Ranade, Radha Shelat, Navin Kabra
-
Patent number: 7735116Abstract: A unified threat management system is provided with a uniform relational rules model. The unified relational rules model provides for the sub-setting of rules and the ability to derive a result based partially from previous security measurements. The sharing of a security check from one security implementation to another using an object-oriented methodology is facilitated. Security policy is divided into specific security features that result in a security hierarchy. The security features may be considered to be listed sequentially, from bottom to top, and form a relationship with one another. These relationships are used to build a current security measure upon a previous security measure and may be used as a pre-cursor when marshalling data content to be validated.Type: GrantFiled: March 24, 2006Date of Patent: June 8, 2010Assignee: Symantec CorporationInventor: William Gauvin
-
Patent number: 7733774Abstract: A method and apparatus for monitoring a process to determine when an abnormal process exit occurs comprising monitoring events related to the process and detecting a communication connection closing without receiving a notification of an exit event for the process. On detection of an abnormal exit of a process associated with the communication connection, the method and apparatus provide special failover processing including, for example, a TCP connection failover process.Type: GrantFiled: June 7, 2007Date of Patent: June 8, 2010Assignee: Symantec CorporationInventors: Prasanth Nalini Sasidharan, Asmita Jagtap, Harshad Toke
-
Patent number: 7735079Abstract: A compatibility module manages compatibility issues between software applications installed on a computing device by intervening with installation of incompatible software applications to ensure compatibility problems are resolved. In one embodiment, an information control module stores compatibility information for a plurality of software applications, and this information describes how to resolve compatibility problems among the software applications. A search module searches for compatibility information, and a testing module analyzes the compatibility information to determine whether installation of a first software application on a computing device is compatible with the plurality of software applications installed on the computing device. Finally, an installation control module regulates the installation based on the result of the compatibility analysis.Type: GrantFiled: February 4, 2005Date of Patent: June 8, 2010Assignee: Symantec CorporationInventors: Collin Davis, Ellery Pierce, Brian Powell
-
Patent number: 7734887Abstract: Tracking of memory block relocation when write occur to memory blocks. After detecting a write operation to be performed on a particular target memory block, it is identified whether the write operation is due to a relocation of data from another memory block. Depending at least in part on this result, the modified data may not need to be included in a subsequent incremental backup. If appropriate, relocation data is included instead. This may potentially reduce the size of the incremental backup, especially in cases in which there were many memory block movements since the last backup, as is the case with defragmentation.Type: GrantFiled: May 30, 2007Date of Patent: June 8, 2010Assignee: Symantec CorporationInventor: Russell R. Stringham
-
Patent number: 7734681Abstract: A plurality of virtual circuits, each including at least two network nodes, may be established over a single network connection for inter-process messaging. The network connection may be opened asynchronously via a non-blocking open. A virtual circuit including three or more nodes may be implemented in a star formation or a relay formation. Messages may be sent as unicast or broadcast messages. An additional virtual circuit may be opened for the purpose of transmitting status information regarding the network connection between the networked computer systems.Type: GrantFiled: August 20, 2002Date of Patent: June 8, 2010Assignee: Symantec Operating CorporationInventors: Ming Xu, Phuong Thao Trung Le
-
Patent number: 7734878Abstract: Systems, methods, apparatus and software can make use of separated I/O processors and strategy processors (implemented in hardware and/or software) to perform virtual device I/O operations. I/O processors operating on cluster nodes, storage appliance ports, or other devices can receive I/O operation requests directed to virtual devices, e.g., volumes or virtual logical units. Information about the request is forwarded to a strategy processor, operating independently or as part of larger volume management software where corresponding physical device I/O operations are determined. The physical device I/O operations can include additional information about the operations, e.g., tag information and summary information, for use in processing the virtual device I/O request. The physical device I/O operations are sent back to the I/O processor which executes the operations and/or passes the operation on to the appropriate storage device.Type: GrantFiled: April 10, 2007Date of Patent: June 8, 2010Assignee: Symantec Operating CorporationInventors: Gopal Sharma, Oleg Kiselev, Santosh Shankar Rao
-
Patent number: 7735057Abstract: A software application streamed from a host system to a target system comprises the installation or configuration logic for another software application. In certain embodiments, the installation logic conforms to a well-known installation standard. The described technique allows the use and/or execution of installation logic or other related objects when these objects do not exist in their entirety on the target system. The application installation that results from this process may configure the subsequent application to be delivered only in part (in streamed mode) or in its entirety.Type: GrantFiled: August 21, 2003Date of Patent: June 8, 2010Assignee: Symantec CorporationInventors: Ophir Rachman, Uri Raz, Danny Holzman, Ryan M. McCarten, Gilad A. Ben Zeev, Yaron Halperin, Gabriel Malka
-
Patent number: 7735100Abstract: Within the context of a system of networked computers, a remote registry access manager regulates remote registry access. In some embodiments, the remote registry access manager runs on a first computer and detects attempts by processes on the first computer to remotely access a second computer's registry. The remote registry access manager determines whether attempts to remotely access the second computer's registry are legitimate. Legitimacy of a given remote access attempt may be determined based on a number of different criteria, such as whether the first computer and the second computer have an established trust relationship. If a given attempt is indeed determined to be legitimate, the remote registry access manager allows the attempt to proceed. If it is not, then the remote registry access manager blocks the attempt.Type: GrantFiled: April 22, 2004Date of Patent: June 8, 2010Assignee: Symantec CorporationInventor: Ahmed Sallam
-
Patent number: 7734907Abstract: Systems and methods are disclosed for redirecting data. These systems and methods may include transmitting over a network an indication from a first node to a second node that a third node has failed. In addition, a first data may be reconfigured to be transmitted over the network between a fourth node and the first node after the indication has been received by the second node. The first data may be initially configured to be transmitted over the network between the second node and the third node. Furthermore, the disclosed systems and methods may include configuring the first node and the fourth node to send and receive the reconfigured first data as encrypted data via a first tunnel and configuring the second node and the third node to send and receive the first data as encrypted data via a second tunnel.Type: GrantFiled: December 8, 2003Date of Patent: June 8, 2010Assignee: Symantec CorporationInventor: Tong Zhu