US20240143758
2024-05-02
Physics
G06F21/565
The system uses a smart network interface controller (SmartNIC) or a storage device equipped with a ransomware protection engine to enhance the security of Information Handling Systems (IHSs). Its core function is to create secure snapshots of the boot device, which can be used to restore the system to a known good state after a ransomware attack. This streamlines the paving and repaving of IHSs, making them more resilient against malware threats.
The ransomware protection engine first generates a secure snapshot of the IHS's boot device. From this secure snapshot it creates a readable and writable snapshot, which is presented to the IHS as its primary boot device through the Unified Extensible Firmware Interface (UEFI) or Basic Input/Output System (BIOS). Modifications made to this snapshot persist across reboots, providing flexibility while maintaining security.
Upon receiving a repave command via the SmartNIC's management interface, the system can recreate the readable and writable snapshot during the next reboot. This restores the primary boot device to the known good state recorded in the secure snapshot, so that any harmful changes made during operation are reversed.
The ransomware protection engine also generates an additional readable and writable snapshot from the original secure snapshot. This alternate snapshot is exposed as a secondary boot device, allowing for quick recovery if the primary device is compromised. The system is designed to automatically recreate this alternate snapshot on each reboot, maintaining continuous protection against potential ransomware threats.
In addition to paving and repaving, the ransomware protection engine can manage firmware and software updates. It installs updates to the boot device while creating new secure snapshots for both the primary and alternate boot devices. The operating environment stays current while previous snapshots are retained for potential reversion, which improves overall system reliability and security.
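The snapshot lifecycle described above can be modeled in a few lines. This is an added example, not code from the patent or any vendor: the `ProtectionEngine` class, its method names and the sample block contents are hypothetical, and it assumes copy-on-write overlays and that an update recreates both readable and writable snapshots from the new secure snapshot.

```python
class ProtectionEngine:
    """Toy model: immutable secure snapshots plus copy-on-write overlays."""

    def __init__(self, boot_blocks):
        self.secure_history = [dict(boot_blocks)]  # known good images, newest last
        self.overlays = {"primary": {}, "alternate": {}}  # read/write snapshots
        self.repave_pending = False

    def read(self, device, lba):
        # Overlay wins; unmodified blocks fall through to the secure snapshot.
        return self.overlays[device].get(lba, self.secure_history[-1].get(lba))

    def write(self, device, lba, data):
        # Host writes land in the overlay only; the secure snapshot is untouched.
        self.overlays[device][lba] = data

    def request_repave(self):
        # Modeled as arriving on the management interface, not from the host OS.
        self.repave_pending = True

    def reboot(self):
        self.overlays["alternate"] = {}   # alternate is recreated on every reboot
        if self.repave_pending:           # primary only when a repave was requested
            self.overlays["primary"] = {}
            self.repave_pending = False

    def apply_update(self, changes):
        # Assumption: updates build on the known good image, and both
        # read/write snapshots are recreated from the new secure snapshot.
        self.secure_history.append({**self.secure_history[-1], **changes})
        self.overlays = {"primary": {}, "alternate": {}}


def simulate():
    # Constructed sample boot image: LBA -> contents.
    eng = ProtectionEngine({0: "bootloader", 1: "kernel-v1", 2: "config"})
    eng.write("primary", 2, "config-tuned")   # legitimate change
    eng.write("alternate", 2, "scratch")
    eng.reboot()                              # no repave requested
    plain = (eng.read("primary", 2), eng.read("alternate", 2))
    eng.write("primary", 1, "ENCRYPTED")      # stand-in for ransomware damage
    eng.request_repave()
    pending = eng.read("primary", 1)          # still damaged until the reboot
    eng.reboot()
    repaved = (eng.read("primary", 1), eng.read("primary", 2))
    eng.apply_update({1: "kernel-v2"})
    return plain, pending, repaved, eng.read("primary", 1), len(eng.secure_history)
```

Note that a repave discards every change in the primary overlay, including the legitimate `config-tuned` write, which is the trade-off of restoring to the known good state.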