System and method for extending cloud services into the customer premise

US 10,623,245 B2
Filed: 10/16/2017
Issued: 04/14/2020
Est. Priority Date: 01/10/2011
Status: Active Grant

First Claim

Patent Images

1. A method for providing network management services comprising:

providing a software-based extension agent that facilitates internet-based management of local computing resources by one or more computers that are part of a local network, the local network being separated from the Internet by at least one firewall, the at least one firewall operating independently of the software-based extension agent,wherein the software-based extension agent is configured to;

initiate a secure network connection to a remote data center, outbound through the firewall over the Internet using a standard Internet protocol,gather predetermined status information, from one or more local servers on the local network regarding a plurality of devices that access the one or more local servers,report the predetermined status information to the remote data center via the secure network connection,receive, from the remote data center via the secure network connection, a set of instructions created by the remote data center pertaining to management of the one or more local servers, andmake changes to configuration of the one or more local servers in response to the set of instructions, the changes updating rules managing the plurality of devices that access the one or more local servers;

providing to an administrator, by the remote data center, a web-based portal that allows the administrator to request configuration changes to the one or more local servers and to select type of status information that defines the predetermined status information; and

creating, by the remote data center, in response to configuration changes initiated via the web-based portal, the set of instructions to be sent to the software-based agent via the secure network connection.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cloud extension agent can be provided on a customer premise for interfacing, via an outbound secure connection, cloud based services. The cloud extension agent can reach the cloud based services through existing firewall infrastructure, thereby providing simple, secure deployment. Furthermore, the secure connection can enable substantially real-time communication with a cloud service to provide web-based, substantially real time control or management of resources on the customer premises via the cloud extension agent.

65 Citations

View as Search Results

20 Claims

1. A method for providing network management services comprising:
- providing a software-based extension agent that facilitates internet-based management of local computing resources by one or more computers that are part of a local network, the local network being separated from the Internet by at least one firewall, the at least one firewall operating independently of the software-based extension agent,wherein the software-based extension agent is configured to;
  
  initiate a secure network connection to a remote data center, outbound through the firewall over the Internet using a standard Internet protocol,gather predetermined status information, from one or more local servers on the local network regarding a plurality of devices that access the one or more local servers,report the predetermined status information to the remote data center via the secure network connection,receive, from the remote data center via the secure network connection, a set of instructions created by the remote data center pertaining to management of the one or more local servers, andmake changes to configuration of the one or more local servers in response to the set of instructions, the changes updating rules managing the plurality of devices that access the one or more local servers;
  
  providing to an administrator, by the remote data center, a web-based portal that allows the administrator to request configuration changes to the one or more local servers and to select type of status information that defines the predetermined status information; and
  
  creating, by the remote data center, in response to configuration changes initiated via the web-based portal, the set of instructions to be sent to the software-based agent via the secure network connection.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising:
    - providing, at the remote data center, a device management database that comprises a repository of the predetermined status information received from the software-based extension agent.
  - 3. The method of claim 1, further comprising sending the set of instructions to the software-based extension agent in real time in response to the configuration changes initiated via the web-based portal.
  - 4. The method of claim 3, wherein the step of sending the set of instructions further comprises sending the set of instructions using an XMPP protocol over the secure network connection.
  - 5. The method of claim 1, wherein the web-based portal comprises a dashboard that allows the administrator to view status information pertaining to the software-based extension agent and the one or more local servers in real-time.
  - 6. The method of claim 1, wherein the web-based portal allows the administrator to define alerts pertaining to status information relating to the software-based extension agent and the one or more local servers.
  - 7. The method of claim 1, wherein the web-based portal allows an administrator to remotely diagnose problems with one of the software-based extension agent and the one or more local servers, via the Internet.
  - 8. The method of claim 1, wherein the web-based portal allows an administrator to remotely upgrade the software-based extension agent via the Internet.
  - 9. The method of claim 1, wherein the software-based extension agent checks in with a heartbeat server periodically to determine if any updates from the remote data center are waiting.

10. A method for extending services into a customer premise comprising:
- providing a software-based extension agent that executes on a computer that is part of a local network, the local network being separated from the Internet by at least one firewall that operates independently of the software-based extension agent,wherein the software-based extension agent is configured to;
  
  initiate a secure connection to a remote data-center over the Internet, outbound through the at least one firewall, using a standard internet protocol,gather predetermined status information from one or more local servers on the local network regarding a plurality of devices that access the one or more local servers, report, via the secure connection, the predetermined status information,receive, via the secure connection, a set of instructions created at the remote data center for configuration of the one or more local servers on the local network, andchange the configuration of the one or more local servers in response to the first set of instructions via, an application program interface (API) exposed by the one or more local servers, the changes updating rules managing the plurality of devices that access the one or more local servers;
  
  providing to an administrator, as part of the remote data-center, a web-based portal that allows the administrator to request configuration changes to the one or more local computing resources and to select type of status information that defines the predetermined status information; and
  
  creating, by the remote data center, in response to the requested configuration changes initiated via the web-based portal, the set of instructions to be sent to the software-based extension agent via the secure connection.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The method of claim 10, further comprising:
    - providing, as part of the remote data-center, a device management database that comprises a repository of the predetermined status information received from the software-based extension agent.
  - 12. The method of claim 10, further comprising sending the set of instructions to the software-based extension agent in-real time in response to the configuration changes initiated via the web-based portal.
  - 13. The method of claim 12, wherein the step of sending the set of instructions comprises sending the instructions using an XMPP protocol over the secure connection.
  - 14. The method of claim 10, wherein the web-based portal comprises a dashboard that allows the administrator to view status pertaining to the software-based extension agent and the one or more local computing resources in real-time.
  - 15. The method of claim 10, further comprising providing, via the remote data center, a web-based portal that allows the administrator to define alerts pertaining to status information relating to the software-based extension agent and the one or more local computing resources.
  - 16. The method of claim 10, further comprising providing, via the remote data center, a web-based portal that allows the administrator to remotely diagnose problems with the software-based extension agent and the one or more local resources, via the Internet.
  - 17. The method of claim 10, wherein the software-based extension agent checks in with a heartbeat server periodically to determine if any updates from the remote data center are waiting.

18. A method for providing management of corporate computing resources comprising:
- providing to an administrator, at one or more remote data centers, a web-based interface for management of policies for a plurality of client devices that access at least one server on a local network, the local network being isolated from the Internet via a firewall;
  
  maintaining, in a database associated with the one or more remote data centers that contains real time status information pertaining to the plurality of client devices;
  
  receiving, over the Internet at the remote data center, the real time status information pertaining to configuration and compliance status of each of the plurality of client devices via a first secure connection initiated by a first software-based extension agent operating on the at least one server, outbound through the firewall using a standard internet protocol; and
  
  in response to policy changes initiated through the web-based interface, creating and sending control instructions over the first secure connection from the one or more remote data centers to the first software-based extension agent;
  
  wherein the first software-based extension agent is configured to execute the control instructions to configure the at least one server on the local network to manage compliance rules for the plurality of client devices accessing the at least one server.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18, further comprising selectively presenting the status information to the administrator using the web-based interface based on administrator preferences.
  - 20. The method of claim 18, further comprising receiving, over the Internet, a second secure connection initiated by a second extension agent using the standard internet protocol, wherein the second extension agent executes on a server within the local network and is available in the event of failure of the first software-based extension agent.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Snowflake, Inc.
Original Assignee
International Business Machines Corporation
Inventors
Narasimhan, Vineeth, Lambert, Joshua, Herchek, Thomas, Hope, Ryan Elliot, Jha, Nitish, Jain, Rahul, Singh, Sumeet
Primary Examiner(s)
Naji, Younes

Application Number

US15/785,137
Publication Number

US 20180054356A1
Time in Patent Office

911 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 9/06   using stored programs, i.e....

G06F 9/5088   involving task migration

H04L 41/046   comprising network manageme...

H04L 41/0806   for initial configuration o...

H04L 41/0816   the condition being an adap...

H04L 43/00   Arrangements for monitoring...

H04L 47/825   Involving tunnels, e.g. MPLS

H04L 51/046   Interoperability with other...

H04L 51/58   Message adaptation for wire...

H04L 63/029   Firewall traversal, e.g. tu...

H04L 63/168   above the transport layer

H04L 63/20   for managing network securi...

H04L 67/02   based on web technology, e....

H04L 67/10   in which an application is ...

H04L 67/1014   based on the content of a r...

H04L 67/125   involving control of end-de...

H04L 67/56   Provisioning of proxy servi...

H04W 4/50   Service provisioning or rec...

System and method for extending cloud services into the customer premise

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

65 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for extending cloud services into the customer premise

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

65 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links