US 12,079,333 B2
Independent security threat detection and remediation by storage systems in a synchronous replication arrangement
Ronald Karr, Palo Alto, CA (US); Ethan L. Miller, Santa Cruz, CA (US); Taher Vohra, Sunnyvale, CA (US); and Arun Rokade, Fremont, CA (US)
Assigned to Pure Storage, Inc., Santa Clara, CA (US)
Filed by Pure Storage, Inc., Mountain View, CA (US)
Filed on Oct. 20, 2021, as Appl. No. 17/506,509.
Application 17/506,509 is a continuation in part of application No. 16/916,903, filed on Jun. 30, 2020, granted, now 11,341,236.
Application 16/916,903 is a continuation in part of application No. 16/711,060, filed on Dec. 11, 2019, abandoned.
Claims priority of provisional application 62/939,518, filed on Nov. 22, 2019.
Prior Publication US 2022/0083657 A1, Mar. 17, 2022
Int. Cl. G06F 21/55 (2013.01); G06F 3/06 (2006.01); G06F 11/14 (2006.01)
CPC G06F 21/554 (2013.01) [G06F 3/0622 (2013.01); G06F 3/0653 (2013.01); G06F 3/0679 (2013.01); G06F 11/1448 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A system comprising:
a first storage system and a second storage system both configured to operate in accordance with a synchronous replication configuration in which a dataset is synchronously replicated to both the first and second storage systems such that the first storage system stores and continually updates a first copy of the dataset and the second storage system stores and continually updates a second copy of the dataset;
wherein:
the first storage system is configured to independently
monitor, while operating in accordance with the synchronous replication configuration, for security threats against the first copy of the dataset, and
perform, when the monitoring by the first storage system indicates that the first copy of the dataset is being targeted by a first security threat, a first remedial action with respect to the first security threat; and
the second storage system is configured to independently
monitor, while operating in accordance with the synchronous replication configuration, for security threats against the second copy of the dataset, and
perform, when the monitoring by the second storage system indicates that the second copy of the dataset is being targeted by a second security threat, a second remedial action with respect to the second security threat, wherein the first and the second threats are different and the first and second remedial actions are different.