System and method for extending cloud services into the customer premise

US 10,700,927 B2
Filed: 12/29/2017
Issued: 06/30/2020
Est. Priority Date: 01/10/2011
Status: Active Grant

First Claim

Patent Images

1. A method for providing network management services comprising:

providing a software-based extension agent that facilitates Internet-based management of local computing resources by execution on one or more computers that are part of a local network that is separated from the Internet by at least one firewall, the at least one firewall operating independently of the software-based extension agent,wherein the software-based extension agent is configured to;

initiate a secure network connection to a remote data center, outbound through the at least one firewall over the Internet using a standard internet protocol,gather status information, from one or more local servers on the local network that manage a plurality of mobile devices that are authorized to remotely access resources on the local network, the status information including information regarding compliance status of the plurality of mobile devices and configuration status of the one or more local servers with respect to the management of the plurality of mobile devices,report the status information to the remote data center via the secure network connection,receive, from the remote data center via the secure network connection, a set of instructions created by the remote data center for management of the one or more local servers, andmake changes to configuration of the one or more local servers in response to the set of instructions, the changes updating rules managing the plurality of mobile devices;

providing to an administrator, by the remote data center, a web-based portal that allows the administrator to request configuration changes to the one or more local servers; and

creating, by the remote data center, in response to configuration changes initiated via the web-based portal, the set of instructions to be sent to the software-based extension agent via the secure network connection.

View all claims

3 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A cloud extension agent can be provided on a customer premise for interfacing, via an outbound secure connection, cloud based services. The cloud extension agent can reach the cloud based services through existing firewall infrastructure, thereby providing simple, secure deployment. Furthermore, the secure connection can enable substantially real-time communication with a cloud service to provide web-based, substantially real time control or management of resources on the customer premises via the cloud extension agent.

64 Citations

20 Claims

1. A method for providing network management services comprising:
- providing a software-based extension agent that facilitates Internet-based management of local computing resources by execution on one or more computers that are part of a local network that is separated from the Internet by at least one firewall, the at least one firewall operating independently of the software-based extension agent,wherein the software-based extension agent is configured to;
  
  initiate a secure network connection to a remote data center, outbound through the at least one firewall over the Internet using a standard internet protocol,gather status information, from one or more local servers on the local network that manage a plurality of mobile devices that are authorized to remotely access resources on the local network, the status information including information regarding compliance status of the plurality of mobile devices and configuration status of the one or more local servers with respect to the management of the plurality of mobile devices,report the status information to the remote data center via the secure network connection,receive, from the remote data center via the secure network connection, a set of instructions created by the remote data center for management of the one or more local servers, andmake changes to configuration of the one or more local servers in response to the set of instructions, the changes updating rules managing the plurality of mobile devices;
  
  providing to an administrator, by the remote data center, a web-based portal that allows the administrator to request configuration changes to the one or more local servers; and
  
  creating, by the remote data center, in response to configuration changes initiated via the web-based portal, the set of instructions to be sent to the software-based extension agent via the secure network connection.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The method of claim 1, further comprising:
    - providing, at the remote data center, a device management database that comprises a repository of the status information received from the software-based extension agent.
  - 3. The method of claim 1, further comprising sending the set of instructions to the software-based extension agent in real time in response to the configuration changes initiated via the web-based portal.
  - 4. The method of claim 3, wherein the step of sending the set of instructions further comprises sending the set of instructions using an XMPP protocol over the secure network connection.
  - 5. The method of claim 1, wherein the web-based portal comprises a dashboard that allows the administrator to view status and policy information pertaining to the plurality of mobile devices in real-time.
  - 6. The method of claim 1, wherein the web-based portal allows the administrator to manage a plurality of policies for managing the plurality of mobile devices via the Internet.
  - 7. The method of claim 1, wherein the web-based portal allows the administrator to remotely diagnose problems with one of the software-based extension agent and the one or more local servers, via the Internet.
  - 8. The method of claim 1, wherein the web-based portal allows the administrator to remotely upgrade the software-based extension agent via the Internet.
  - 9. The method of claim 1, wherein the web-based portal allows the administrator to publish network policies to the software-based extension agent via the Internet.

10. A method for extending services into a customer premise comprising:
- providing a software-based extension agent that executes on a computer that is part of a local network, the local network being separated from the Internet by at least one firewall that operates independently of the software-based extension agent,wherein the software-based extension agent is configured to;
  
  initiate a secure connection to a remote data-center over the Internet, outbound through the at least one firewall, using a standard internet protocol,gather status information regarding compliance status of a plurality of mobile devices that are authorized to remotely access resources on the local network and identity of users of the plurality of mobile devices;
  
  report, via the secure connection, the status information,receive, via the secure connection, a set of instructions created at the remote data center for configuration of one or more local computing resources on the local network, and change the configuration of the one or more local computing resources in response to the set of instructions via an application program interface (API) exposed by the one or more local computing resources, including updating rules managing the plurality of mobile devices; and
  
  providing to an administrator, as part of the remote data-center, a web-based portal that allows the administrator to request configuration changes to the one or more local computing resources; and
  
  creating, by the remote data-center, in response to the requested configuration changes initiated via the web-based portal, the set of instructions to he sent to the software-based extension agent via the secure connection.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The method of claim 10, further comprising:
    - providing, as part of the remote data-center, a device management database that comprises a repository of the status information received from the software-based extension agent.
  - 12. The method of claim 10, further comprising sending the set of instructions to the software based extension agent in real time in response to the configuration changes initiated via the web-based portal.
  - 13. The method of claim 12, wherein the step of sending the set of instructions comprises sending the set of instructions using an XMPP protocol over the secure connection.
  - 14. The method of claim 10, wherein the web-based portal comprises a dashboard that allows the administrator to view status and policy information pertaining to the plurality of mobile devices ins real-time.
  - 15. The method of claim 10, further comprising providing, via the remote data center, a web-based portal that allows the administrator to manage a plurality of policies for managing the plurality of mobile devices via, the Internet.
  - 16. The method of claim 10, further comprising providing, via the remote data center, a web-based portal that allows the administrator to remotely diagnose problems with the software-based extension agent and the one or more local computing resources, via the Internet.
  - 17. The method of claim 10, further comprising providing, via the remote data center, a web-based portal that allows the administrator to publish network policies to the software-based extension agent via the Internet.

18. A method for providing management of mobile devices comprising:
- providing to an administrator, at one or more remote data centers, a web-based interface for management of policies for a set of mobile devices that are authorized to remotely access computing resources on one or more servers in a local network;
  
  maintaining, in a database associated with the one or more remote data centers, policy and configuration information related to the set of mobile devices;
  
  receiving status information reflecting compliance status of one or more mobile devices in the set of mobile devices, at the one or more remote data centers over the Internet via a first secure connection initiated by a first software-based extension agent that executes on a computer in the local network, the local network being separated from the Internet by at least one firewall that operates independently of the software-based extension agent, where the first secure connection is initiated outbound through the at least one firewall over the internet using a standard internet protocol; and
  
  in response to policy changes initiated through the web-based interface, creating and sending control instructions over the first secure connection from the one or more remote data centers to the first software-based extension agent;
  
  wherein the first software-based extension agent is configured to execute the control instructions to configure the one or more servers on the local network by managing compliance rules for the set of mobile devices accessing the local computing resources.
- View Dependent Claims (19, 20)
- - 19. The method of claim 18, further comprising:
    - selectively presenting the status information to an administrator using the web-based Interface.
  - 20. The method of claim 18, further comprising:
    - receiving, over the Internet, a second secure connection initiated by a second extension agent using the standard internet protocol, wherein the second extension agent executes on a server within the local network and is available in the event of failure of the first software-based extension agent.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Snowflake, Inc.
Original Assignee
International Business Machines Corporation
Inventors
Narasimhan, Vineeth, Lambert, Joshua, Herchek, Thomas, Hope, Ryan Elliot, Jha, Nitish, Jain, Rahul, Singh, Sumeet
Primary Examiner(s)
Naji, Younes

Application Number

US15/858,414
Publication Number

US 20180227174A1
Time in Patent Office

914 Days
Field of Search

None
US Class Current
CPC Class Codes

G06F 9/06   using stored programs, i.e....

G06F 9/5088   involving task migration

H04L 41/046   comprising network manageme...

H04L 41/0806   for initial configuration o...

H04L 41/0816   the condition being an adap...

H04L 43/00   Arrangements for monitoring...

H04L 47/825   Involving tunnels, e.g. MPLS

H04L 51/046   Interoperability with other...

H04L 51/58   Message adaptation for wire...

H04L 63/029   Firewall traversal, e.g. tu...

H04L 63/168   above the transport layer

H04L 63/20   for managing network securi...

H04L 67/02   based on web technology, e....

H04L 67/10   in which an application is ...

H04L 67/1014   based on the content of a r...

H04L 67/125   involving control of end-de...

H04L 67/56   Provisioning of proxy servi...

H04W 4/50   Service provisioning or rec...

System and method for extending cloud services into the customer premise

First Claim

3 Assignments

0 Petitions

Accused Products

Abstract

64 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for extending cloud services into the customer premise

First Claim

3 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

64 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links