Self-learning automated information technology change risk prediction
US-2024414064-A1 · Dec 12, 2024 · US
Methods and apparatus to deploy security-compliant workload domains
US2021184928A1 · US · A1
| Field | Value |
|---|---|
| Publication number | US-2021184928-A1 |
| Application number | US-202016788326-A |
| Country | US |
| Kind code | A1 |
| Filing date | Feb 12, 2020 |
| Priority date | Dec 11, 2019 |
| Publication date | Jun 17, 2021 |
| Grant date | — |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
An example apparatus to configure a workload domain for security compliance includes a configuration normalizer to generate normalized workload domain configuration settings by normalizing workload domain configuration settings of a deployed workload domain based on a format of compliance configuration settings; a drift comparator to compare the normalized workload domain configuration settings with the compliance configuration settings before deploying an application in the workload domain; a post start-up controller to generate updated workload domain configuration settings by modifying ones of the workload domain configuration settings, the modifying of the ones of the workload domain configuration settings being based on the comparison of the normalized workload domain configuration settings with the compliance configuration settings; and a compliance verifier to determine whether the updated workload domain configuration settings satisfy the compliance configuration settings.
First claim
Opening claim text (preview).
What is claimed is: 1 . An apparatus to configure a workload domain for security compliance, the apparatus comprising: a configuration normalizer to generate normalized workload domain configuration settings by normalizing workload domain configuration settings of a deployed workload domain based on a format of compliance configuration settings; a drift comparator to compare the normalized workload domain configuration settings with the compliance configuration settings before deploying an application in the workload domain; a post start-up controller to generate updated workload domain configuration settings by modifying ones of the workload domain configuration settings, the modifying of the ones of the workload domain configuration settings being based on the comparison of the normalized workload domain configuration settings with the compliance configuration settings; and a compliance verifier to determine whether the updated workload domain configuration settings satisfy the compliance configuration settings. 2 . The apparatus of claim 1 , wherein the drift comparator is to compare the normalized workload domain configuration settings with the compliance configuration settings using a character-level comparison. 3 . The apparatus of claim 1 , wherein the drift comparator is to generate a label to indicate a mismatch between the normalized workload domain configuration settings and the compliance configuration settings. 4 . The apparatus of claim 3 , wherein the post start-up controller is to determine a corresponding one of the workload domain configuration settings to update based on the label. 5 . The apparatus of claim 1 , wherein the compliance verifier is to generate an exception when the updated workload domain configuration settings do not satisfy the compliance configuration settings. 6 . The apparatus of claim 5 , wherein the exception from the compliance verifier is to inhibit deployment of the workload domain. 7 . At least one non-transitory computer readable medium comprising instructions that, when executed, cause at least one processor to at least: generate normalized workload domain configuration settings by normalizing workload domain configuration settings of a deployed workload domain based on a format of compliance configuration settings; compare the normalized workload domain configuration settings with the compliance configuration settings before deploying an application in the workload domain; generate updated workload domain configuration settings by modifying ones of the workload domain configuration settings, the modifying of the ones of the workload domain configuration settings being based on the comparison of the normalized workload domain configuration settings with the compliance configuration settings; and determine whether the updated workload domain configuration settings satisfy the compliance configuration settings. 8 . The at least one non-transitory computer readable medium of claim 7 , wherein the instructions, when executed, cause the at least one processor to compare the normalized workload domain configuration settings with the compliance configuration settings using a character-level comparison. 9 . The at least one non-transitory computer readable medium of claim 7 , wherein the instructions, when executed, cause the at least one processor to generate a label to indicate a mismatch between the normalized workload domain configuration settings and the compliance configuration settings. 10 . The at least one non-transitory computer readable medium of claim 9 , wherein the instructions, when executed, cause the at least one processor to determine a corresponding one of the workload domain configuration settings to update based on the label. 11 . The at least one non-transitory computer readable medium of claim 7 , wherein the instruction, when executed, cause the at least one processor to generate an exception when the updated workload domain configuration settings do not satisfy the compliance configuration settings. 12 . The at least one non-transitory computer readable medium of claim 11 , wherein the exception is to inhibit deployment of the workload domain. 13 . An apparatus to configure a workload domain for security compliance, the apparatus comprising: means for generating normalized workload domain configuration settings by normalizing workload domain configuration settings of a deployed workload domain based on a format of compliance configuration settings; means for comparing the normalized workload domain configuration settings with the compliance configuration settings before deploying an application in the workload domain; means for generating updated workload domain configuration settings by modifying ones of the workload domain configuration settings, the modifying of the ones of the workload domain configuration settings being based on the comparison of the normalized workload domain configuration settings with the compliance configuration settings; and means for determining whether the updated workload domain configuration settings satisfy the compliance configuration settings. 14 . The apparatus of claim 13 , wherein the means for comparing is to compare the normalized workload domain configuration settings with the compliance configuration settings using a character-level comparison. 15 . The apparatus of claim 13 , wherein the means for comparing is to generate a label to indicate a mismatch between the normalized workload domain configuration settings and the compliance configuration settings. 16 . The apparatus of claim 15 , wherein the means for generating the updated workload domain configuration settings is to determine a corresponding one of the workload domain configuration settings to update based on the label. 17 . The apparatus of claim 13 , wherein the means for determining is to generate an exception when the updated workload domain configuration settings do not satisfy the compliance configuration settings. 18 . The apparatus of claim 17 , wherein the exception is to inhibit deployment of the workload domain. 19 . A method to configure a workload domain for security compliance, the method comprising: generating normalized workload domain configuration settings by normalizing workload domain configuration settings of a deployed workload domain based on a format of compliance configuration settings; comparing the normalized workload domain configuration settings with the compliance configuration settings before deploying an application in the workload domain; generating updated workload domain configuration settings by modifying ones of the workload domain configuration settings, the modifying of the ones of the workload domain configuration settings being based on the comparison of the normalized workload domain configuration settings with the compliance configuration settings; and determining whether the updated workload domain configuration settings satisfy the compliance configuration settings. 20 . The method of claim 19 , wherein the comparing of the normalized workload domain configuration settings with the compliance configuration settings is based on a character-level comparison. 21 . The method of claim 19 , further including generating a label to indicate a mismatch between the normalized workload domain configuration settings and the compliance configuration settings. 22 . The method of claim 21 , further including determining a correspond
Assignees
Inventors
Classifications
Configuration of virtualised networks or elements, e.g. virtualised network function or OpenFlow elements · CPC title
based on parameters of servers, e.g. available memory or workload (monitoring of computer activity G06F11/30) · CPC title
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title
based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint · CPC title
Automatic or semi-automatic definitions, e.g. definition templates · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US2021184928A1 cover?
- An example apparatus to configure a workload domain for security compliance includes a configuration normalizer to generate normalized workload domain configuration settings by normalizing workload domain configuration settings of a deployed workload domain based on a format of compliance configuration settings; a drift comparator to compare the normalized workload domain configuration settings…
- Who is the assignee on this patent?
- Vmware Inc
- What technology area does this patent fall under?
- Primary CPC classification H04L41/0866. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Thu Jun 17 2021 00:00:00 GMT+0000 (Coordinated Universal Time) (A1). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).