Abstract: A method and system for handling a malicious intrusion to a machine in a networked group of computers. The malicious intrusion is an unauthorized access to the machine, such as a server in a server farm. When the intrusion is detected, the machine is isolated from the rest of the server farm, and the machine is reprovisioned as a decoy system having access to only data that is ersatz or at least non-sensitive. If the intrusion is determined to be non-malicious, then the machine is functionally reconnected to the server farm, and the machine is reprovisioned to a state held before the reprovisioning of the machine as a decoy machine.

Abstract: Methods and apparatuses for receiving data associated with one or more system metrics, contextually analyzing that data in view of prior received data of other computer systems of different subscriber enterprises, determining, based at least in part on the results of the contextual analysis, if an alert needs to be sent, and sending or causing to be sent an alert, are described herein. In various embodiments, the methods and apparatuses are further for managing computer systems of subscriber enterprises, including providing updated operating images. Other embodiments may also be disclosed.

Abstract: Methods and apparatuses for receiving data associated with one or more system metrics, contextually analyzing that data in view of prior received data of other computer systems of different subscriber enterprises, determining, based at least in part on the results of the contextual analysis, if an alert needs to be sent, and sending or causing to be sent an alert, are described herein. In various embodiments, the methods and apparatuses are further for managing computer systems of subscriber enterprises, including providing updated operating images. Other embodiments may also be disclosed.

Abstract: Methods and apparatuses for receiving data associated with one or more system metrics, contextually analyzing that data in view of prior received data of other computer systems of different subscriber enterprises, determining, based at least in part on the results of the contextual analysis, if an alert needs to be sent, and sending or causing to be sent an alert, are described herein.

Abstract: An interactive management system comprised of a server environment and one or more target client environments coupled to a management server of the server environment is described herein. The target client environments may each have one or more target client systems, the target client systems each having a command agent. Each target client environment may also be protected by a firewall. In some embodiments, a commander server of the server environment may receive a request for one or more commands from a target client system. In response, the command server may send commands to the command agent of the requesting target client system, effectively giving the command server the same privileges as other processes protected by the target client environment firewall. The command agent may then receive the commands, execute the commands, and transmit results and/or post-execution information to the command server.

Abstract: A method and system for handling a malicious intrusion to a machine in a networked group of computers. The malicious intrusion is an unauthorized access to the machine, such as a server in a server farm. When the intrusion is detected, the machine is isolated from the rest of the server farm, and the machine is reprovisioned as a decoy system having access to only data that is ersatz or at least non-sensitive. If the intrusion is determined to be non-malicious, then the machine is functionally reconnected to the server farm, and the machine is reprovisioned to a state held before the reprovisioning of the machine as a decoy machine.