System and method for managing devices relayed via an established session
First Claim
1. A system for managing, auditing and troubleshooting at least one IP device, said system comprising:
- a bridge device that relays a connection between an agent device and said at least one IP device to manage, audit and troubleshoot said at least one IP device, wherein said bridge device comprises;
a memory that stores a set of instructions; and
a processor that executes said set of instructions, said set of instructions comprising;
initiating a first secure connection with, or responding to a connection request from an admin device;
obtaining information associated with said at least one IP device from said admin device, wherein said information comprises an identity of said at least one IP device;
connecting to a device registry and downloading information associated with said at least one IP device, wherein said device registry stores said identity and access credentials of said at least one IP device to connect with said at least one IP device;
determining whether a connector to connect with said at least one IP device is installed in said bridge device;
communicating a request to said admin device and obtaining, from said admin device, (a) a uniform resource locator (URL) of a connector store, or (b) a location, from where a connector to connect with said at least one IP device is to be downloaded when said connector to connect with said at least one IP device is not installed in said bridge device;
downloading and installing said connector to connect with said at least one IP device as a plug-in module in said bridge device;
forming or joining a second secure connection with said agent device (108) to manage, audit and troubleshoot said at least one IP device;
forming, on approval from said admin device, a third secure connection, using said connector, between said bridge device and said at least one IP device;
securing and relaying information from said second secure connection to said third secure connection when said second secure connection and said third secure connection are connected together, wherein said information is secured end-to-end to prevent tampering, wherein said bridge device restricts session participants other than those using said agent device from accessing said information unless said agent device allows said session participants to interact with said at least one IP device, based on rules enforced by policy filters; and
obtaining, using said admin device, said policy filters and one or more input output (IO) masks and providing said policy filters and said one or more IO masks to said connector to manage, audit and troubleshoot said at least one IP device, wherein said policy filters determine how said session participants interact with said at least one IP device and said one or more IO masks comprise rules that determine what is seen by said each of session participants or what needs to be masked to manage, audit and troubleshoot said at least one IP device.
Abstract
The embodiments herein provide a system and a method for managing, auditing and troubleshooting an IP device. The system comprises a bridge device that (a) initiates a first secure connection with, or responds to a connection request from an admin device, (b) connects to a device registry and downloads information associated with the IP device, (c) downloads and installs a connector to connect with the IP device as a plug-in module, (d) forms or joins a second secure connection with the agent device to manage, audit and troubleshoot the IP device, (e) forms, on approval from the admin device, a third secure connection, between the bridge device and the IP device and (f) secures and relays information from the second secure connection to the third secure connection when the second secure connection and the third secure connection are connected together.
20 Claims
13. One or more non-transitory computer readable storage mediums storing one or more sequences of instructions, which when executed by one or more processors, causes managing, auditing and troubleshooting of at least one IP device, by performing the steps of:
obtaining a set of policies from original equipment manufacturer (OEM) policy server, wherein said set of policies comprise at least one of (a) commands to be performed to manage, audit and troubleshoot said at least one IP device or (b) responses;
updating said set of policies obtained from said OEM policy server to revoke permissions on at least one of (a) said commands or (b) said visibility of information from an agent device, a bridge device or an admin device, wherein said admin device is restricted to include additional permissions over said set of policies that are obtained from said OEM policy server;
storing said updated set of policies in an internal policy server;
determining an identity of said at least one IP device from at least one of (a) fault reporting mechanisms or (b) a request initiated by said agent device;
initiating a first secure connection with, or responding to a connection request from said bridge device, wherein information associated with said identity of said at least one IP device is communicated to said bridge device;
determining whether said bridge device comprises a connector to initiate a connection with said at least one IP device;
obtaining a request from said bridge device and communicating, to said bridge device, (a) a uniform resource locator (URL) of a connector store or (b) a location from where a connector to connect with said at least one IP device is to be downloaded when said connector to connect with said at least one IP device is not installed in said bridge device;
forming a session or responding to a session creation request made by said agent device to (a) authenticate said agent device and (b) connect said agent device with said bridge device to manage, audit and troubleshoot said at least one IP device when said commands, provided by said agent device, are presented in said set of policies provided by said OEM policy server or said internal policy server; and
providing information to said bridge device to at least one of (a) connect with said at least one IP device to manage, audit and troubleshoot said at least one IP device, (b) join said session or (c) perform session management operations.
15. A computer implemented method for managing, auditing and troubleshooting of at least one IP device, said method comprising:
initiating a first secure connection with, or responding to a connection request from an admin device;
obtaining information associated with said at least one IP device from said admin device, wherein said information comprises an identity of said at least one IP device;
connecting to a device registry and downloading information associated with said at least one IP device, wherein said device registry stores said identity and access credentials of said at least one IP device to connect with said at least one IP device;
determining whether a connector to connect with said at least one IP device is installed in said bridge device;
communicating a request to said admin device and obtaining, from said admin device, (a) a uniform resource locator (URL) of a connector store, or (b) a location, from where a connector to connect with said at least one IP device is to be downloaded when said connector to connect with said at least one IP device is not installed in said bridge device;
downloading and installing said connector to connect with said at least one IP device as a plug-in module in said bridge device;
forming or joining a second secure connection with said agent device to manage, audit and troubleshoot said at least one IP device;
forming, on approval from said admin device, a third secure connection, using said connector, between said bridge device and said at least one IP device;
securing and relaying information from said second secure connection to said third secure connection when said second secure connection and said third secure connection are connected together, wherein said information is secured end-to-end to prevent tampering, wherein said bridge device restricts session participants other than those using said agent device from accessing said information unless said agent device allows said session participants to interact with said at least one IP device, based on rules enforced by policy filters; and
obtaining, using said admin device, said policy filters and one or more input output (IO) masks and providing said policy filters and said one or more IO masks to said connector to manage, audit and troubleshoot said at least one IP device.
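The revoke-only policy update of claim 13 and the policy filters and IO masks of claims 1 and 15 can be modelled as follows. This is an added illustration, not code from the patent; the `Policy` and `Session` classes, the `key=value` output format and all sample names and values are assumptions.

```python
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Policy:
    commands: frozenset   # commands a session may send to the IP device
    visible: frozenset    # output fields that may be shown at all

def apply_admin_update(oem: Policy, proposed: Policy) -> Policy:
    """Accept an admin-edited policy only if it revokes and never adds."""
    added = (proposed.commands - oem.commands) | (proposed.visible - oem.visible)
    if added:
        raise PermissionError(f"update adds permissions: {sorted(added)}")
    return proposed

@dataclass
class Session:
    policy: Policy
    agent: str
    admitted: set = field(default_factory=set)    # participants the agent let in
    io_masks: dict = field(default_factory=dict)  # participant -> fields to hide

    def _in_session(self, who: str) -> bool:
        return who == self.agent or who in self.admitted

    def may_send(self, who: str, line: str) -> bool:
        """Policy filter: who may interact, and with which commands."""
        words = line.split()
        return self._in_session(who) and bool(words) and words[0] in self.policy.commands

    def view(self, who: str, output: str) -> str:
        """IO mask: hide fields the policy or this participant's mask forbids."""
        if not self._in_session(who):
            return ""
        hidden = self.io_masks.get(who, set())
        shown = []
        for row in output.splitlines():
            key, sep, value = row.partition("=")
            if sep and (key not in self.policy.visible or key in hidden):
                value = "****"
            shown.append(key + sep + value)
        return "\n".join(shown)

# Constructed sample data (hypothetical, not from the patent).
OEM = Policy(frozenset({"show", "ping", "reboot"}),
             frozenset({"model", "uptime", "serial"}))
INTERNAL = apply_admin_update(OEM, Policy(frozenset({"show", "ping"}), OEM.visible))
SESSION = Session(INTERNAL, agent="agent-1", io_masks={"vendor-2": {"serial"}})
DEVICE_OUTPUT = "model=X100\nuptime=42d\nserial=SN-0001"
```

The internal policy here drops `reboot` from the OEM set, and a second participant sees the device output only after the agent admits them, with the `serial` field masked.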
Specification