Abstract: Monitoring write amplification metrics for a flash-based storage system, including: generating, by a controller of a storage system, data describing write activity for each storage device of a plurality of storage devices of the storage system, wherein the data describing the write activity comprises data describing application write activity for each storage device of the plurality of storage devices; calculating, by the controller of the storage system, for each storage device of the plurality of storage devices, a corresponding write amplification metric; and providing, by the controller of the storage system, to each storage device of the plurality of storage devices, the corresponding write amplification metric.

Abstract: A method for policy onboarding includes receiving, by a processor, a request from a network slice service builder module for registration of an application bundle; requesting, by the processor, a central inventory create an application bundle object; requesting, by the processor, a policy manager create a policy descriptor file corresponding to one or more rule-based policy and the application bundle; and receiving, by the processor, a policy identifier (ID) for the application bundle from the policy manager.

Abstract: A core simulator includes one or more simulated processors, a trace-based traffic generator, and a simulated memory subsystem. Each simulated processor includes a core element and at least one lower-level cache excluded from the core element. The trace-based traffic generator includes a plurality of modeled caches that model the at least lower-level cache without modeling the core element. The trace-based traffic generator is configured to receive at least one workload trace and based on the workload trace simulate actual memory traffic to be processed by the simulated memory subsystem. The simulated memory subsystem is shared between the at least one simulated processor and the trace-based traffic generator. The trace-based traffic generator performs a data exchange with the memory subsystem based on the at least one workload trace. The data exchange impacts a measured performance of the at least one simulated processor.

Abstract: Methods and systems for managing update events for data processing systems are disclosed. An update event may indicate that an update configuration is available for a data processing system. A management controller for the data processing system may utilize an out of band communication channel to obtain the update configuration for the data processing system without hardware components of the data processing system being powered. The update configuration may indicate a combination of hardware and/or software components for an application hosted by the data processing system. The update configuration may be assigned by an administrator and may be implemented by an update agent for the data processing system upon powering the hardware resources of the data processing system.

Abstract: Methods and systems for authenticating a user device to an application device are disclosed. The user device may request access to a (computer-implemented) service provided by the application device. Access to the service may include access to sensitive data; therefore, to prevent unauthorized access to the sensitive data, the user device may be authenticated to the application device before the service is provided. To do so, the application device may perform a first factor authentication using in-band hardware resources of the user device; however, the in-band hardware resources may be vulnerable to attacks by malicious parties. Thus, in addition, a second factor authentication of the user device may be performed out-of-band (e.g., using a management controller of the user device) in order to bypass potentially compromised in-band hardware resources. The additional out-of-band authentication may reduce the likelihood of the malicious parties gaining access to the sensitive data via spoofing attacks.

Abstract: A method for monitoring a file system within a distributed network is provided. From a local hosting environment having a native scanning tool, creation of a new data store within the network is detected. Responsive to detecting creation of the new data store, it is determined whether the new data store is physically located within a foreign hosting environment that is communicatively coupled to the local hosting environment through a non-private network. If the new data store is physically located within the foreign hosting environment, an agent of the native scanning tool is created within the foreign hosting environment and the agent is applied to the new data store within the foreign hosting environment to obtain sensitivity information for the new data store. The sensitivity information for the new data store is received and recorded in the local hosting environment.

Abstract: One or more computing devices, systems, and/or methods for evaluating email activity and/or controlling, based upon the email activity, transmission of instructions associated with quality are provided. A first email, transmitted by an email account associated with an entity to a plurality of email accounts, may be identified. First activity associated with the first email may be detected. A first set of activity information associated with the first activity may be stored in an entity profile associated with the entity. The entity profile may comprise a plurality of sets of activity information associated with a plurality of emails transmitted by one or more email accounts associated with the entity. A quality score corresponding to the first entity may be generated based upon the entity profile. A notification may be generated based upon the quality score. The notification may be transmitted to the first client device.

Abstract: Methods and systems for managing data processing systems are disclosed. To manage a data processing of the data processing systems, the data processing system may be placed in a first operating state. To do so, first log in credentials may be obtained from a first user and may be used to obtain a first user persona from a server. The first user persona may be obtained via an out of band communication channel and may include a first set of configurations for the data processing system. The first set of the configurations may indicate preferences for operation of the data processing system associated with the first user. At least a portion of the first set of the configurations may be implemented by hardware resources of the data processing system and, therefore, computer-implemented services may be more likely to be provided as desired by the first user.

Abstract: Methods and systems for managing a data processing system are disclosed. A management controller of the data processing system may obtain location data for the data processing system via an out-of-band communication channel. The management controller may identify policies based on the location data, and make an identification regarding whether the data processing system is operating out of compliance with respect to the policies. If the data processing system is operating out of compliance, then the management controller may perform an action set to update operation of the data processing system in a manner that improves compliance of the data processing system with respect to the policies. The data processing system may provide computer-implemented services based on the updated operation.

Abstract: Methods and systems for registering a management controller of a data processing system with a server and an orchestrator are disclosed. To do so, a key pair may be generated by the management controller and a private key of the key pair may be kept secret by the management controller. Previously established trust between a trusted platform module of the data processing system and a manufacturer of the data processing system may be leveraged to register the management controller with the server. Hardware resources of the data processing system may register a public key of the key pair with the server and may request registration of the management controller with the orchestrator. The management controller may obtain a challenge from an internet of things hub associated with the orchestrator and may respond to the challenge, via an out of band communication channel, to complete the registration of the management controller.

Abstract: Methods, systems, and apparatus, including computer programs encoded on computer storage media relate to a method for creating a data environment and a computational environment to perform data processing and real-time data request management. The system provides for the creation of definition files to create a data environment to periodically precompute aggregated data values, and the creation of an execution environment in which features may be defined to process a real-time request with at least one of the features accessing one of the created datasets.

Abstract: Methods and systems for managing a data processing system are disclosed. To manage the data processing system, a management controller may be included in the data processing system. The management controller may perform managerial functions for the data processing system regardless of whether in band components are compromised, depowered, and/or otherwise non-functional. In addition, to communicate with remote entities, the management controller may utilize a network module of the data processing system. The network module may direct network traffic between in band and out of band communication channels and may operate independently from hardware resources of the data processing system.

Abstract: Methods and systems for managing unrecoverable errors for data processing systems are disclosed. Upon identifying that an unrecoverable error has occurred by hardware resources of a data processing system, a management controller for the data processing system may obtain a data package indicating at least an operating state of the hardware resources prior to the occurrence of the unrecoverable error. The management controller may utilize an out of band communication channel to provide the data package to a trusted management system. The management controller may obtain at least one action in response to the data package from the trusted management system, the at least one action being intended to initiate remediation of the unrecoverable error.

Abstract: A system and method for detecting cold start user activity anomalies in a cloud computing environment comprise an anomaly detection system collecting historical activity data of users of a plurality of endpoint computers arranged in an account. An average user baseline behavior model is trained for the account from the historical activity data of the users arranged in the account. The anomaly detection system applies the average user baseline behavior model to a cold start user activity and detects an anomaly in response to a comparison between the cold start user activity and the average user baseline behavior model. The anomaly detection system displays an alert based on a determination from the comparison that at least one anomaly of the plurality of anomalies is detected by the cold start user activity deviating from the average user baseline behavior model by a predetermined threshold.

Abstract: Methods and systems for managing a data processing system are disclosed. A management controller of the data processing system may provide a sanitization request to a policy management server using an out-of-band communication channel. The management controller may obtain a response to the sanitization request from the policy management server via the out-of-band communication channel. The response may indicate whether performance of a sanitization process is authorized. The authorization may be based on a sanitization policy that governs sanitizations for the data processing system. If performance of the sanitization process is authorized, then the management controller may initiate and/or perform an action set based on the sanitization policy in order to complete the sanitization process, thereby placing the data processing system in a safe state.

Abstract: Methods and systems for managing data stored by a data processing system are disclosed. A management controller of the data processing system may identify an occurrence of a backup event for the data, the occurrence indicating that a portion of the data is to be backed up to a remote storage system. In response to the occurrence, the management controller may initiate a backup process to obtain a backup data package for the data processing system. The management controller may provide the backup data package to the remote storage system via an out-of-band communication channel in order to facilitate completion of the backup process. By doing so, the data may be placed in a restorable state, enabling the data processing system to continue providing computer-implemented services.

Abstract: Methods and systems for securing communications between management controllers and message brokers are provided. The communications may be secured using pre-provisioned secrets to encrypt and decrypt messages. The secrets may be pre-provisioned using keypairs established during registration of the management controller with other systems. The keypair may be used to provide the management controllers with access to the secrets. Once obtained, the secrets may be used to encrypt communications without establishing sessions keys or other data structures.

Abstract: Methods and systems for registering a management controller of a data processing system with a server are disclosed. To register a management controller, an identifier for the management controller may be cryptographically signed using a private key of a public private key pair kept secret by a trusted platform module (TPM). The signed identifier may be provided to the server and the sever may utilize a public key of the public private key pair to verify the signed identifier was signed by a trusted entity. If the signed identifier is verified by the server, the server may register the management controller as associated with the data processing system and as a trusted entity to manage operation of hardware resources of the data processing system. The management controller may subsequently utilize an out of band communication channel to interact with the server to manage the operation of the data processing system.

Abstract: Systems and methods are described for performing an instant recovery of data associated with a locked snapshot. In various examples, the amount of time for performing a recovery of data associated with a locked snapshot is significantly reduced by making use of enhanced volume cloning functionality instead of making an actual copy of the data to be recovered. In one embodiment, the resulting volume clone representing the recovery volume is cleared of all data protection information (e.g., WORM flags and/or lock metafiles) that was previously used to protect the content from being changed when stored on the data protection volume so as allow the recovery volume to be used in read-write mode.

Abstract: Methods and systems for managing a data processing system based on location data are disclosed. A management controller of the data processing system may provide the location data via an out-of-band communication channel to a geolocation management server tasked with mapping a location of the data processing system over time. The data processing system may identify an occurrence of an event based on the location data (e.g., a change in location of the data processing system), prompting the data processing system to perform an action set to update operation of the data processing system (e.g., to conform to location-based policies). Based on its updated operation, the data processing system may provide computer-implemented services that are more likely to be in compliance with local policies.