Enforcing policy-based compliance of virtual machine image configurations
US-9448826-B2 · Sep 20, 2016 · US
Security hardening of virtual machines at time of creation
US2016357968A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2016357968-A1 |
| Application number | US-201514728720-A |
| Country | US |
| Kind code | A1 |
| Filing date | Jun 2, 2015 |
| Priority date | Jun 2, 2015 |
| Publication date | Dec 8, 2016 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
In a computer-implemented method for security hardening of a virtual machine at time of creation, creation of a virtual machine hosted by a pre-configured hyper-converged computing device is initiated in a virtualization infrastructure, wherein a centralized management tool is for centralized management of the virtualization infrastructure. User selected parameters for a security policy are accessed via the centralized management tool. The security policy is associated to the virtual machine such that the virtual machine is security hardened at the time of creation, wherein the security policy associated with the virtual machine comprises the user selected parameters.
First claim
Opening claim text (preview).
1 . A computer-implemented method for security hardening of a virtual machine at time of creation of said virtual machine, said computer-implemented method comprising: initiating creation of said virtual machine hosted by a pre-configured hyper-converged computing device in a virtualization infrastructure, wherein a centralized management tool is provided for centralized management of said virtualization infrastructure; accessing user selected parameters for a security policy via said centralized management tool; and associating said security policy with said virtual machine such that said virtual machine is security hardened at said time of creation of said virtual machine, wherein said security policy associated with said virtual machine comprises said user selected parameters. 2 . The computer-implemented method of claim 1 , wherein said associating said security policy with said virtual machine is implemented at time of first powering on of said pre-configured hyper-converged computing device. 3 . (canceled) 4 . The computer-implemented method of claim 1 , wherein said security policy is one of a plurality of security policies each having a different risk profile. 5 . The computer-implemented method of claim 1 , wherein said parameters are displayed and selectable via a user interface of said centralized management tool. 6 . A non-transitory computer-readable storage medium having instructions embodied therein that when executed cause a computer system to perform a method of security hardening of a virtual machine at time of creation of said virtual machine, the method comprising: accessing user selected parameters for a security policy via a centralized management tool, wherein said accessing is in response to creation of said virtual machine, said virtual machine hosted by a pre-configured hyper-converged computing device, and wherein said centralized management tool is provided for centralized management of a virtualization infrastructure; and associating said security policy with said virtual machine such that said virtual machine is security hardened at said time of creation of said virtual machine, wherein said security policy associated with said virtual machine comprises said user selected parameters. 7 . The non-transitory computer-readable storage medium of claim 6 , wherein said associating said security policy with said virtual machine is implemented at time of first powering on of said pre-configured hyper-converged computing device. 8 . (canceled) 9 . The non-transitory computer-readable storage medium of claim 6 , wherein said security policy is one of a plurality of security policies each having a different risk profile. 10 . The non-transitory computer-readable storage medium of claim 6 , wherein said parameters are displayed and selectable via a user interface of said centralized management tool.
Assignees
Inventors
Classifications
Isolation or security of virtual machine instances · CPC title
by executing in a restricted environment, e.g. sandbox or secure virtual machine · CPC title
Test or assess a computer or a system · CPC title
- G06F21/577Primary
Assessing vulnerabilities and evaluating computer system security · CPC title
Hypervisors; Virtual machine monitors · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2016357968A1 cover?
- In a computer-implemented method for security hardening of a virtual machine at time of creation, creation of a virtual machine hosted by a pre-configured hyper-converged computing device is initiated in a virtualization infrastructure, wherein a centralized management tool is for centralized management of the virtualization infrastructure. User selected parameters for a security policy are acc…
- Who is the assignee on this patent?
- Vmware Inc
- What technology area does this patent fall under?
- Primary CPC classification G06F21/577. Mapped technology areas include Physics.
- When was this patent published?
- Publication date Thu Dec 08 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 2 related publications on this page (citations in our corpus or others sharing the same primary CPC).