Abstract: Protecting the integrity and the effectiveness of a security agent that is installed in a user's device while the user's device operates online or offline. The security agent may be used for enforcing a security policy required by an organization or network to which the user's computer belongs. One aspect of exemplary embodiments of the present invention is to associate the content of one or more storage devices of the user's computer with the security agent and with a boot-loader program used by the user's computer.

Abstract: The pureness of a connection between an external device and a host computer can be inspected or monitored to determine the status: connected or disconnected. When it is determined that a disconnection state is entered, an indication can be sent to the host and, in parallel, the data transportation from and/or to the external device may be manipulated. In some embodiments an exemplary connection protector device (CPD) may be added to the connection in between the external device and the host. The CPD can have two connectors one for the host and one for the cable of the external device. The CPD can be adapted to identify any disconnection in the connection with the host and/or the connection with the external device on the other side of the CPD.

Abstract: Secure operation of SEMDs on a client computer in a host system is obtained by controlling what applications (i.e., U3 applications) that can run on the host system and access data on the SEMD. Applications allowed to run on each host machine are identified and any access to the SEMD by an allowed application is permitted and other access are prohibited. Security and/or privacy for data that is stored on a SEMD is provided by only allowing approved USB memory card based applications to access the data stored on the SEMD. All other applications, either unapproved USB memory card based applications or non-SEMD resident cannot access the data on the SEMD. Other security is provided by preventing access to the SEMD except for computers or systems that are a part of a company's private network and maintaining the data on the SEMD in an encrypted state.

Abstract: Virtualization snapshots are utilized for efficiently synchronizing virtual machines present on a client system and a server system. A snapshot of a virtual machine (VM) is taken by the client system before making modifications to the VM. The modifications to the VM are stored by the virtualization snapshot separate from the VM itself. The modified portions of the VM are communicated by the client system to the server system. The server system applies the modifications to a locally stored VM that corresponds to the original VM on the client system. The modified VM on the server system matches the modified VM on the client. As a result synchronization between the VMs on client system and the server system is obtained without transferring the entire VM multiple times. The server system performs format conversions between a format of the client system and the server system on the VM.

Abstract: A method to provide instant duplication of the machine images of an IT environment. The method is implemented by a system that includes a management server to oversee all operations, a storage controller, at least one host target machine of the IT Environment and at least one simple storage disk controlled by the storage controller. The method includes configuring each host target machine to access a logical drive as its hard drive, managing by the storage controller of the information inside each logical drive and storing the information on each of the at least one disks. The method also includes implementing the storage controller of two duplication algorithms. A third algorithm is provided for choosing between the first and the second duplication algorithms for each of the at least one disk elements in the IT environment.

Abstract: In a private network setting in which various computers can be attached, the confidential or sensitive data within the various devices on the private network is vulnerable. The ability to copy such confidential or sensitive data to a storage device communicatively coupled to a client computer on the network is governed and controlled. Only devices that include an authentic stamp or digital certificate can be accessed by client computers. If a device does not have a valid stamp or the stamp has been black listed, then the access to the device can be prevented or greatly limited.

Abstract: A method to provide instant duplication of the machine images of an IT environment. The method is implemented by a system that includes a management server to oversee all operations, a storage controller, at least one host target machine of the IT Environment and at least one simple storage disk controlled by the storage controller. The method includes configuring each host target machine to access a logical drive as its hard drive, managing by the storage controller of the information inside each logical drive and storing the information on each of the at least one disks. The method also includes implementing the storage controller of two duplication algorithms. A third algorithm is provided for choosing between the first and the second duplication algorithms for each of the at least one disk elements in the IT environment.

Abstract: In a private network setting in which various computers can be attached, the confidential or sensitive data within the various devices on the private network is vulnerable. The ability to copy such confidential or sensitive data to a storage device communicatively coupled to a client computer on the network is governed and controlled. Only devices that include an authentic stamp or digital certificate can be accessed by client computers. If a device does not have a valid stamp or the stamp has been black listed, then the access to the device can be prevented or greatly limited.

Abstract: Protecting the integrity and the effectiveness of a security agent that is installed in a user's device while the user's device operates online or offline. The security agent may be used for enforcing a security policy required by an organization or network to which the user's computer belongs. One aspect of exemplary embodiments of the present invention is to associate the content of one or more storage devices of the user's computer with the security agent and with a boot-loader program used by the user's computer.

Abstract: Embodiments of the present invention provide systems, methods and computer program products for testing software in a virtual private environment. One embodiment of a method for testing software in a virtual private environment includes cloning an original computing environment into one or more virtual environments, wherein the one or more virtual environments have identical configurations to the original computing environment and contain one or more client applications. The method further comprises determining a private network IP address corresponding to a registration request from an end user and establishing a connection between the end user and the virtual private network. The private network IP address is routed to a first of one or more identical virtual environments. Access is then allowed to the first virtual environment in order to allow the end user to test the one or more client applications on the first virtual environment.

Abstract: The pureness of a connection between an external device and a host computer can be inspected or monitored to determine the status: connected or disconnected. When it is determined that a disconnection state is entered, an indication can be sent to the host and, in parallel, the data transportation from and/or to the external device may be manipulated. In some embodiments an exemplary connection protector device (CPD) may be added to the connection in between the external device and the host. The CPD can have two connectors one for the host and one for the cable of the external device. The CPD can be adapted to identify any disconnection in the connection with the host and/or the connection with the external device on the other side of the CPD.

Abstract: Secure operation of SEMDs on a client computer in a host system is obtained by controlling what applications (i.e., U3 applications) that can run on the host system and access data on the SEMD. Applications allowed to run on each host machine are identified and any access to the SEMD by an allowed application is permitted and other access are prohibited. Security and/or privacy for data that is stored on a SEMD is provided by only allowing approved USB memory card based applications to access the data stored on the SEMD. All other applications, either unapproved USB memory card based applications or non-SEMD resident cannot access the data on the SEMD. Other security is provided by preventing access to the SEMD except for computers or systems that are a part of a company's private network and maintaining the data on the SEMD in an encrypted state.