Abstract: Corruption detection in backups is disclosed. Backups that are received into a backup environment are stored in corresponding lineages. A detection engine is configured to perform corruption detection operations on the most recent backups in each of the lineages based on a sample frequency. Corruption detection operations may also be performed randomly and based on unexpected or unusual changes in backup metadata.

Abstract: A method and system for source versus target metadata-based data integrity checking. Concerning backup operations directed to protecting given data, said given data may be subjected to corruption detection at the source prior to initiating a backup operation, however, said given data may not be checked for data integrity following transfer of said given data to a target storage medium prior to committing the said given data thereto. That is, at least presently, the prospect of data corruption compromising given data during the time window through which the given data journeys, usually via a network, from its source to a target storage medium, is often overlooked. The disclosed method and system, accordingly, propose a scheme directed to detecting corruption amongst data transferred from a source to a target storage medium, and handling said data given the determined integrity of said data.

Abstract: A method and system for source versus target metadata-based data integrity checking. Concerning backup operations directed to protecting given data, said given data may be subjected to corruption detection at the source prior to initiating a backup operation, however, said given data may not be checked for data integrity following transfer of said given data to a target storage medium prior to committing the said given data thereto. That is, at least presently, the prospect of data corruption compromising given data during the time window through which the given data journeys, usually via a network, from its source to a target storage medium, is often overlooked. The disclosed method and system, accordingly, propose a scheme directed to detecting corruption amongst data transferred from a source to a target storage medium, and handling said data given the determined integrity of said data.

Abstract: A method and system for threat aware data protection. Threat awareness intelligence, directed to preventing information or cyber security issues, are becoming a critical requirement for data protection (or backup) services. Accordingly, a centralized policy framework is proposed through which threat evaluations may be performed synchronously, as well as asynchronously, with data backup operations to ensure the ingestion of threat-free data into backup storage.

Abstract: One example method includes moving a volume from a source server to a target server. In one example, the volume is moved and the need to copy the source data is eliminated. The volume to be moved is selected and metadata associated with the save sets stored on the volume is exported to a volume bootstrap, which is also stored on the selected volume. The volume is mounted or attached to the target server and the metadata is imported from the volume bootstrap. The volume is made read/write and is moved from the source server to the target server.

Abstract: One example method includes moving a volume from a source server to a target server. In one example, the volume is moved and the need to copy the source data is eliminated. The volume to be moved is selected and metadata associated with the save sets stored on the volume is exported to a volume bootstrap, which is also stored on the selected volume. The volume is mounted or attached to the target server and the metadata is imported from the volume bootstrap. The volume is made read/write and is moved from the source server to the target server.

Abstract: Included are embodiments for port enablement. One embodiment of a method includes inserting a streams module in a kernel space of a host device, the streams module being coupled to a stream head, the streams module coupled to a transmission control protocol (TCP) module and receiving a bind request on a socket, the bind request associated with an application. Embodiments also include determining a process name associated with the received bind request, determining, based on the determined process name, a meta-configuration rule for a firewall configuration of the application and utilizing the determined meta-configuration rule for the firewall configuration of the application.

Abstract: A management system generates a sequence of keys and an identifier of each key in the sequence. A current key in the sequence and the identifier of the current key are transferred from the management system to a storage system. The storage system encrypts the data into encrypted data using the current key. The storage system stores the identifier and the encrypted data. The identifier and the encrypted data are retrieved from the storage system. The key in the sequence identified by the identifier is transferred from the management system to the storage system. The storage system decrypts the encrypted data using the decryption key.

Abstract: Included are embodiments for port enablement. One embodiment of a method includes inserting a streams module in a kernel space of a host device, the streams module being coupled to a stream head, the streams module coupled to a transmission control protocol (TCP) module and receiving a bind request on a socket, the bind request associated with an application. Embodiments also include determining a process name associated with the received bind request, determining, based on the determined process name, a meta-configuration rule for a firewall configuration of the application and utilizing the determined meta-configuration rule for the firewall configuration of the application.

Abstract: Systems and methods secure data in storage. A management system generates a sequence of keys and an identifier of each key in the sequence. A current key in the sequence and the identifier of the current key are transferred from the management system to a storage system. The storage system encrypts the data into encrypted data using the current key. The storage system stores the identifier and the encrypted data. The identifier and the encrypted data are retrieved from the storage system. The key in the sequence identified by the identifier is transferred from the management system to the storage system. The storage system decrypts the encrypted data using the decryption key.