Work flow management for an information management system
US-2015244775-A1 · Aug 27, 2015 · US
Independent security threat detection and remediation by storage systems in a synchronous replication arrangement
US12079333B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-12079333-B2 |
| Application number | US-202117506509-A |
| Country | US |
| Kind code | B2 |
| Filing date | Oct 20, 2021 |
| Priority date | Nov 22, 2019 |
| Publication date | Sep 3, 2024 |
| Grant date | Sep 3, 2024 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
A system may include a plurality of storage systems each configured to operate in accordance with a synchronous replication configuration in which a dataset is synchronously replicated to each of the plurality of storage systems such that each of the plurality of storage systems stores and continually updates a different copy of the dataset. Each of the storage systems may be configured to independently monitor, while operating in accordance with the synchronous replication configuration, for security threats against one of the copies of the dataset; and perform, when the monitoring indicates that the one of the copies of the dataset is possibly being targeted by a security threat, a remedial action with respect to the security threat.
First claim
Opening claim text (preview).
What is claimed is: 1. A system comprising: a first storage system and a second storage system both configured to operate in accordance with a synchronous replication configuration in which a dataset is synchronously replicated to both the first and second storage systems such that the first storage system stores and continually updates a first copy of the dataset and the second storage system stores and continually updates a second copy of the dataset; wherein: the first storage system is configured to independently monitor, while operating in accordance with the synchronous replication configuration, for security threats against the first copy of the dataset, and perform, when the monitoring by the first storage system indicates that the first copy of the dataset is being targeted by a first security threat, a first remedial action with respect to the first security threat; and the second storage system is configured to independently monitor, while operating in accordance with the synchronous replication configuration, for security threats against the second copy of the dataset, and perform, when the monitoring by the second storage system indicates that the second copy of the dataset is being targeted by a second security threat, a second remedial action with respect to the second security threat, wherein the first and the second threats are different and the first and second remedial actions are different. 2. The system of claim 1 , wherein the performing the first remedial action by the first storage system comprises generating a first recovery dataset for the first copy of the dataset. 3. The system of claim 2 , wherein the first storage system is further configured to protect the first recovery dataset from being deleted or modified. 4. The system of claim 1 , wherein the performing the second remedial action by the second storage system comprises generating a second recovery dataset for the second copy of the dataset. 5. The system of claim 1 , wherein the performing the first remedial action by the first storage system comprises disabling the synchronous replication configuration such that the dataset is no longer synchronously replicated to both the first and second storage systems. 6. The system of claim 5 , wherein the first storage system is further configured to ensure that the second storage system is updating the second copy of the dataset before performing the disabling of the synchronous replication configuration. 7. The system of claim 1 , wherein the performing the remedial action by the first storage system comprises preventing at least one of the first storage system or the second storage system from processing requests to perform operations with respect to the dataset. 8. The system of claim 1 , wherein: the first storage system is further configured to quarantine requests to write data to the first storage system in a lookaside buffer for a time interval prior to transferring the data from the lookaside buffer to a volume of the first storage system; and the performing the first remedial action by the first storage system comprises preventing the data from being transferred from the lookaside buffer to the volume. 9. The system of claim 1 , wherein: the second storage system is further configured to quarantine requests to write data to the second storage system in a lookaside buffer for a time interval prior to transferring the data from the lookaside buffer to a volume of the second storage system; and the performing the second remedial action by the second storage system comprises preventing the data from being transferred from the lookaside buffer to the volume. 10. The system of claim 1 , wherein the performing the first remedial action by the first storage system comprises recording data writes to the first storage system without overwriting existing data on the first storage system. 11. The system of claim 1 , wherein the performing the second remedial action by the second storage system comprises recording data writes to the second storage system without overwriting existing data on the second storage system. 12. The system of claim 1 , wherein a machine learning model is used by the first storage system to perform the monitoring for the security threats against the first copy of the dataset. 13. The system of claim 1 , wherein a machine learning model is used by the second storage system to perform the monitoring for the security threats against the second copy of the dataset. 14. A method comprising: operating, by a first storage system and a second storage system, in accordance with a synchronous replication configuration in which a dataset is synchronously replicated to both the first and second storage systems such that the first storage system stores and continually updates a first copy of the dataset and the second storage system stores and continually updates a second copy of the dataset; independently monitoring, by the first storage system while operating in accordance with the synchronous replication configuration, for security threats against the first copy of the dataset; independently performing, by the first storage system when the monitoring by the first storage system indicates that the first copy of the dataset is being targeted by a first security threat, a first remedial action with respect to the first security threat; independently monitoring, by the second storage system while operating in accordance with the synchronous replication configuration, for security threats against the second copy of the dataset; and independently performing, by the second storage system when the monitoring by the second storage system indicates that the second copy of the dataset is being targeted by a second security threat, a second remedial action with respect to the second security threat, wherein the first and the second threats are different and the first and second remedial actions are different. 15. The method of claim 14 , wherein the performing the first remedial action by the first storage system comprises generating a recovery dataset for the first copy of the dataset. 16. The method of claim 14 , wherein the performing the first remedial action by the first storage system comprises disabling the synchronous replication configuration such that the dataset is no longer synchronously replicated to both the first and second storage systems. 17. The method of claim 14 , wherein the performing the second remedial action by the second storage system comprises disabling the synchronous replication configuration such that the dataset is no longer synchronously replicated to both the first and second storage systems. 18. The method of claim 14 , further comprising: quarantining, by the first storage system, requests to write data to the first storage system in a lookaside buffer for a time interval prior to transferring the data from the lookaside buffer to a volume of the first storage system; and the performing the first remedial action by the first storage system comprises preventing the data from being transferred from the lookaside buffer to the volume. 19. The method of claim 14 , wherein a machine learning model is used by the first storage system to perform the monitoring for the security threats against the first copy of the dataset. 20. The method of claim 14 , wherein a machine learning model is used by the second storage system to perform the monitoring for the security threats against the second copy of the dataset.
Assignees
Inventors
Classifications
in relation to access · CPC title
Monitoring storage devices or systems · CPC title
Non-volatile semiconductor memory device, e.g. flash memory, one time programmable memory [OTP] · CPC title
Management of the data involved in backup or backup restore · CPC title
Protecting data integrity, e.g. using checksums, certificates or signatures · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US12079333B2 cover?
- A system may include a plurality of storage systems each configured to operate in accordance with a synchronous replication configuration in which a dataset is synchronously replicated to each of the plurality of storage systems such that each of the plurality of storage systems stores and continually updates a different copy of the dataset. Each of the storage systems may be configured to inde…
- Who is the assignee on this patent?
- Pure Storage Inc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/554. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Tue Sep 03 2024 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 12 related publications on this page (citations in our corpus or others sharing the same primary CPC).