| CPC H04L 63/1441 (2013.01) [H04L 41/16 (2013.01); H04L 63/1416 (2013.01)] | 20 Claims |
|
1. A computer-implemented method for managing threats to data processing systems comprising compute complexes, the method comprising:
monitoring, by a Network Interface Controller (NIC) of a data storage complex that provides a compute complex of the compute complexes with emulated access to a portion of storage resources of the data storage complex, data accesses of the portion of the storage resources by the compute complex to identify an access pattern by the compute complex, wherein the data accesses originate from the compute complex and are directed to a storage device of the data storage complex used by the NIC to provide data storage services for the compute complex;
making, by the NIC, a determination regarding whether the access pattern indicates that the compute complex is potentially compromised;
in an instance of the determination where the access pattern indicates that the compute complex is potentially compromised:
identifying, by the NIC, a mitigation action to mitigate an impact of a compromise of the compute complex;
performing, by the NIC, the mitigation action, wherein the storage device comprises a first storage and a second storage and performing the mitigation action comprises prohibiting access to the first storage while redirecting all of the data accesses received after determining that the compute complex is potentially compromised solely to the second storage;
obtaining, by the NIC, an anonymized copy of the access pattern; and
distributing, by the NIC, the anonymized copy of the access pattern to an analysis entity to ascertain whether the compute complex is compromised.
|