Tom Keane

A JIT service in a cloud computing environment manages just-in-time access to resources in the cloud computing environment for an external device. When JIT access to a resource is requested by a device, the JIT service retrieves a JIT policy for the resource that includes geolocation criteria limiting the geolocation from which JIT access can be automatically granted. The geolocation of the device is evaluated against the geolocation criteria. If the geolocation criteria and any other criteria… Show more

A JIT service in a cloud computing environment manages just-in-time access to resources in the cloud computing environment for an external device. When JIT access to a resource is requested by a device, the JIT service retrieves a JIT policy for the resource that includes geolocation criteria limiting the geolocation from which JIT access can be automatically granted. The geolocation of the device is evaluated against the geolocation criteria. If the geolocation criteria and any other criteria of the JIT policy are satisfied, the JIT service provisions JIT access to the resource for the device. Show less

A JIT service in a cloud computing environment manages just-in-time access to resources in the cloud computing environment for an external device. When JIT access to a resource is requested by a device, the JIT service retrieves a JIT policy for the resource that includes screening criteria limiting automatic granting of JIT access to users who meet the screening criteria. Screening information for a user associated with the request is evaluated against one or more screening requirements set… Show more

A JIT service in a cloud computing environment manages just-in-time access to resources in the cloud computing environment for an external device. When JIT access to a resource is requested by a device, the JIT service retrieves a JIT policy for the resource that includes screening criteria limiting automatic granting of JIT access to users who meet the screening criteria. Screening information for a user associated with the request is evaluated against one or more screening requirements set forth by the screening criteria. If the screening criteria and any other criteria of the JIT policy are satisfied, the JIT service provisions JIT access to the resource for the device. Show less

Network buildout of cloud computing environments subject to different data control policies is performed in a manner that ensures compliance with the data control policies. A buildout service is located in a remote cloud computing environment separate from the cloud computing environments at which buildout is being performed. The buildout service implements workflows to manage different aspects of network buildout in the cloud computing environments. The buildout service does not have access to… Show more

Network buildout of cloud computing environments subject to different data control policies is performed in a manner that ensures compliance with the data control policies. A buildout service is located in a remote cloud computing environment separate from the cloud computing environments at which buildout is being performed. The buildout service implements workflows to manage different aspects of network buildout in the cloud computing environments. The buildout service does not have access to restricted data in the cloud computing environments, including access control data, such that the buildout service cannot directly interact with network devices. The buildout service issues requests for device configuration to hardware proxies in the cloud computing environments. In response to the requests, the hardware proxies obtain access control data to access and configure the network devices. Show less

Monitoring of cloud computing environments subject to different data control policies is performed in a manner that ensures compliance with the data control policies. A monitoring service is located in a remote cloud computing environment separate from the cloud computing environments being monitored. The monitoring service does not have access to restricted data in the cloud computing environments, including access control data, such that the monitoring service cannot directly interact with… Show more

Monitoring of cloud computing environments subject to different data control policies is performed in a manner that ensures compliance with the data control policies. A monitoring service is located in a remote cloud computing environment separate from the cloud computing environments being monitored. The monitoring service does not have access to restricted data in the cloud computing environments, including access control data, such that the monitoring service cannot directly interact with network devices. The monitoring service issues requests for monitoring data to device access services in the cloud computing environments. In response to the requests, the device access services obtain access control data to access the network devices and obtain the requested data, which is returned to the monitoring service. Show less

The described unified service management system provides a unified console to perform functions of individual management specialists. A unified console facilitates an administrator to perform the complex tasks that were performed by the individual management specialists. The unified console provides a “wizard” based approach to the administrator to design all aspects of the complex tasks including placement of components or computing devices, deciding on policies of the components or computing… Show more

The described unified service management system provides a unified console to perform functions of individual management specialists. A unified console facilitates an administrator to perform the complex tasks that were performed by the individual management specialists. The unified console provides a “wizard” based approach to the administrator to design all aspects of the complex tasks including placement of components or computing devices, deciding on policies of the components or computing devices, deciding on health policies of components or computing devices, fixing data protection policies of components or computing devices, etc. Show less

A computing system comprises a dataset including a plurality of data entries, at least some which include personally identifiable information (PII). A personal data oversight machine of the computing system is configured to receive an indication that a particular data entry includes PII, and based on the contents of the data entry, classify the data entry as including one or more of a plurality of types of PII by applying one or more data classification tags of a set of candidate data… Show more

A computing system comprises a dataset including a plurality of data entries, at least some which include personally identifiable information (PII). A personal data oversight machine of the computing system is configured to receive an indication that a particular data entry includes PII, and based on the contents of the data entry, classify the data entry as including one or more of a plurality of types of PII by applying one or more data classification tags of a set of candidate data classification tags to the data entry. Based on the data classification tags applied to the data entry, the personal data oversight machine applies one of a set of data management tags to the data entry, the set of data management tags including deletion, retention, and anonymization tags, and based on the data management tag, applies a data management operation to the data entry. Show less

Network management of cloud computing environments subject to different data control policies is standardized in a manner that ensures compliance with the data control policies. An execution service remote from a cloud computing environment being managed implements workflows to manage different aspects of the cloud computing environment, including monitoring, incident management, deployment, and/or buildout. The execution service issues requests to perform management actions for network devices… Show more

Network management of cloud computing environments subject to different data control policies is standardized in a manner that ensures compliance with the data control policies. An execution service remote from a cloud computing environment being managed implements workflows to manage different aspects of the cloud computing environment, including monitoring, incident management, deployment, and/or buildout. The execution service issues requests to perform management actions for network devices in the cloud computing environment. A device access service in the cloud computing environments receives the requests, and, in response to the requests, the device access service obtains access control data to access the network devices and perform the requested management actions for the network devices. Show less

Systems and methods for implementing a unified console for managing computing-based devices. Described is a unified management solution to efficiently manage one or more workloads or a plurality of tasks performed by a user for managing the resources of applications in a computer network that includes the computing-based devices. The system can be implemented by providing a combined functionality that includes features of monitoring and update services, in a single console.

Processes and techniques for tailoring operations management in a system are described. The processes and techniques allow a user to customize operations management based on the user's function within a system and the particular tasks that the user wishes to accomplish. Simplified user interfaces can be created by scoping the interfaces based on user profiles, preferences and system components

A change management system may use a phased status indicator that may illustrate several phases of a change request and a current status for each phase of a change management lifecycle. Additionally, a group of change requests may be displayed in a linked manner showing various relationships between change requests. The status indicator and linked display may be used together or separately to illustrate the status of various change requests and within interactive displays of change request data

Targeted user interfaces of managed applications can be displayed in a number of ways. Targeted user interfaces can be displayed, at a management computer server, based on task templates associated with tasks selected in a user interface of a management application running on the management computer server. Targeted user interfaces can be displayed, at a management computer server, based on a chosen task template associated with a task selected in a user interface of a management application… Show more

Targeted user interfaces of managed applications can be displayed in a number of ways. Targeted user interfaces can be displayed, at a management computer server, based on task templates associated with tasks selected in a user interface of a management application running on the management computer server. Targeted user interfaces can be displayed, at a management computer server, based on a chosen task template associated with a task selected in a user interface of a management application running on the management computer server. A task template can be chosen from one or more task templates associated with a selected task. Objects can be displayed in a user interface of a management application, and based on a selection of an object, tasks can be displayed Show less

Tools for providing integrated user experiences while allocating licenses within volume licensing systems. These tools may provide methods that include sending information for presenting licensing portals at recipient organizations. The licensing portals may include representations of properties licensed by the organizations, and may include indications of how many licenses remain available for allocation. The methods may include receiving and validating licensing requests. The tools may… Show more

Tools for providing integrated user experiences while allocating licenses within volume licensing systems. These tools may provide methods that include sending information for presenting licensing portals at recipient organizations. The licensing portals may include representations of properties licensed by the organizations, and may include indications of how many licenses remain available for allocation. The methods may include receiving and validating licensing requests. The tools may provide other methods that include requesting and receiving information for presenting the licensing portals, as well as requesting and receiving licensing-related actions from the licensing systems. The tools may provide still other methods that include receiving requests for information to present launch portals, with these requests incorporating user identifiers for particular end-users. These methods may also populate the launch portals with representations of properties for which the end-users are licensed, and may send the information for the launch portals to licensee organizations. Show less

A remote server managing multiple client computers at a customer site communicates with a server at a service provider site. A proxy gateway at the remote server allows communications through a network to the server at the service provider site. Remote monitoring of the multiple client computers may be performed at the server at the service provider site through a central monitoring console.

In a server cluster, multiple nodes may host one or more virtual servers. Virtual servers that may be hosted by particular nodes are identified. From the nodes, status is provided as to nodes that are actively hosting virtual servers and status of nodes whether they are actively hosting or not hosting a virtual server. Failover events are indicated, including transition of a virtual server from a failed node to another node.

Systems and methods are described that monitor health of actively executing computer applications, and particularly which monitor relational database space availability. In one implementation, a warning threshold is defined for free space within a database located on a SQL server. The complexity of the database is assessed, in part by locating each file within the database. A health state is then established for each of the files located within the database, wherein the health state is based on… Show more

Systems and methods are described that monitor health of actively executing computer applications, and particularly which monitor relational database space availability. In one implementation, a warning threshold is defined for free space within a database located on a SQL server. The complexity of the database is assessed, in part by locating each file within the database. A health state is then established for each of the files located within the database, wherein the health state is based on a comparison of free space in each of the located files to the warning threshold. Show less