US 9,811,435 B2
System for virtual machine risk monitoring
Andrew Babakhan, Chatswood (AU); Jeffrey Zhou, Chatswood (AU); Neale Rowe, Chatswood (AU); and Peter Leung, Chatswood (AU)
Assigned to Cisco Technology, Inc., San Jose, CA (US)
Filed by Cisco Technology, Inc., San Jose, CA (US)
Filed on Sep. 3, 2013, as Appl. No. 14/16,937.
Prior Publication US 2015/0067143 A1, Mar. 5, 2015
Int. Cl. G06F 11/30 (2006.01); H04L 29/06 (2006.01)
CPC G06F 11/301 (2013.01) [H04L 63/1433 (2013.01); H04L 63/20 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A device comprising:
a virtual machine detector configured to determine identity information of a virtual machine residing at a first node in a data center;
a network detector configured to:
query physical network devices in a network segment of the data center on which the virtual machine currently resides based on a media access control (MAC) address of the virtual machine to identify particular physical network devices in the data center that form a data path currently used by the virtual machine;
identify other virtual machines in the data center being executed by the particular physical network devices;
determine identity information of the particular physical network devices; and
store in memory the identity information of the particular physical network devices;
a reliability calculator configured to:
access device records of the particular physical network devices from a knowledge base based on the identity information of the particular physical network devices, wherein each device record comprises performance data relating to at least one of: security threats, known defects, field notices, smart contracts, software bugs, hardware bugs, or performance information;
determine a current risk level of the virtual machine based on the identity information of the particular network devices, the device records, and the identity information of the virtual machine; and
determine other risk levels for each of the other virtual machines; and
an output device configured to:
output the current risk level of the virtual machine, the risk level providing a comparative measure of robustness of the virtual machine as compared to the other virtual machines
modify the data path to the first node by substituting one or more network devices of the particular physical network devices for other physical network devices included in the network segment of the data center, wherein the one or more network devices are selected for the substituting based on the current risk level of the virtual machine and the other risk levels of the other virtual machines.