| 发明名称 |
MONITORING APPLICATION EXECUTION IN A CLONE OF A VIRTUAL COMPUTING INSTANCE FOR APPLICATION WHITELISTING |
| 摘要 |
In a virtualized computer system, gray applications that are selected to be executed in a first virtual computing instance are executed and monitored in a second virtual computing instance that is a clone of the first virtual computing instance, and classified according to their monitored behavior. This process is conducted in real-time, in response to a notification that a gray application has been selected for execution in the first virtual computing instance. The execution of the gray application in the first virtual computing instance is delayed until the first virtual computing instance receives a notification from an application admission control manager that the gray application is safe to be executed in the first virtual computing instance. Although the execution of the gray application in the first virtual computing instance is delayed, all other processes running in the first virtual computing instance continue to their execution so that a user accessing the first virtual computing instance will not experience any downtime. |
| 申请公布号 |
US2016162685(A1) |
申请公布日期 |
2016.06.09 |
| 申请号 |
US201414564062 |
申请日期 |
2014.12.08 |
| 申请人 |
VMWARE, INC. |
发明人 |
FEROZ Azeem;CHEN Binyuan |
| 分类号 |
G06F21/53;G06F9/455 |
主分类号 |
G06F21/53 |
| 代理机构 |
|
代理人 |
|
| 主权项 |
1. A method of performing admission control of an application that has been selected for execution in a first virtual computing instance, comprising:
creating a second virtual computing instance that is a clone of the first virtual computing instance; executing the application in the second virtual computing instance; during execution of the application in the second virtual computing instance, monitoring execution behavior of the application; determining from the monitored execution behavior of the application whether or not the application is to be approved for execution in the first virtual computing instance; if the application is approved for execution in the first virtual computing instance, executing the application in the first virtual computing instance; and if the application is not approved for execution in the first virtual computing instance, transmitting an error message to the first virtual computing instance and not executing the application in the first virtual computing instance. |
| 地址 |
Palo Alto CA US |
